RA Flexible Software Package Documentation
Release v5.3.0
|
|
Functions | |
fsp_err_t | R_RSIP_Open (rsip_ctrl_t *const p_ctrl, rsip_cfg_t const *const p_cfg) |
fsp_err_t | R_RSIP_Close (rsip_ctrl_t *const p_ctrl) |
fsp_err_t | R_RSIP_RandomNumberGenerate (rsip_ctrl_t *const p_ctrl, uint8_t *const p_random) |
fsp_err_t | R_RSIP_KeyGenerate (rsip_ctrl_t *const p_ctrl, rsip_key_type_t const key_type, rsip_wrapped_key_t *const p_wrapped_key) |
fsp_err_t | R_RSIP_KeyPairGenerate (rsip_ctrl_t *const p_ctrl, rsip_key_pair_type_t const key_pair_type, rsip_wrapped_key_t *const p_wrapped_public_key, rsip_wrapped_key_t *const p_wrapped_private_key) |
fsp_err_t | R_RSIP_EncryptedKeyWrap (rsip_ctrl_t *const p_ctrl, rsip_key_update_key_t const *const p_key_update_key, uint8_t const *const p_initial_vector, rsip_key_type_t const key_type, uint8_t const *const p_encrypted_key, rsip_wrapped_key_t *const p_wrapped_key) |
fsp_err_t | R_RSIP_RFC3394_KeyWrap (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_kek, rsip_wrapped_key_t const *const p_wrapped_target_key, uint8_t *const p_rfc3394_wrapped_target_key) |
fsp_err_t | R_RSIP_RFC3394_KeyUnwrap (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_kek, rsip_key_type_t const key_type, uint8_t const *const p_rfc3394_wrapped_target_key, rsip_wrapped_key_t *const p_wrapped_target_key) |
fsp_err_t | R_RSIP_InjectedKeyImport (rsip_key_type_t const key_type, uint8_t const *const p_injected_key, rsip_wrapped_key_t *const p_wrapped_key, uint32_t const wrapped_key_buffer_length) |
fsp_err_t | R_RSIP_PublicKeyExport (rsip_wrapped_key_t const *const p_wrapped_public_key, uint8_t *const p_raw_public_key) |
fsp_err_t | R_RSIP_AES_Cipher_Init (rsip_ctrl_t *const p_ctrl, rsip_aes_cipher_mode_t const mode, rsip_wrapped_key_t const *const p_wrapped_key, uint8_t const *const p_initial_vector) |
fsp_err_t | R_RSIP_AES_Cipher_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_input, uint8_t *const p_output, uint32_t const length) |
fsp_err_t | R_RSIP_AES_Cipher_Finish (rsip_ctrl_t *const p_ctrl) |
fsp_err_t | R_RSIP_AES_AEAD_Init (rsip_ctrl_t *const p_ctrl, rsip_aes_aead_mode_t const mode, rsip_wrapped_key_t const *const p_wrapped_key, uint8_t const *const p_nonce, uint32_t const nonce_length) |
fsp_err_t | R_RSIP_AES_AEAD_LengthsSet (rsip_ctrl_t *const p_ctrl, uint32_t const total_aad_length, uint32_t const total_text_length, uint32_t const tag_length) |
fsp_err_t | R_RSIP_AES_AEAD_AADUpdate (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_aad, uint32_t const aad_length) |
fsp_err_t | R_RSIP_AES_AEAD_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_input, uint32_t const input_length, uint8_t *const p_output, uint32_t *const p_output_length) |
fsp_err_t | R_RSIP_AES_AEAD_Finish (rsip_ctrl_t *const p_ctrl, uint8_t *const p_output, uint32_t *const p_output_length, uint8_t *const p_tag) |
fsp_err_t | R_RSIP_AES_AEAD_Verify (rsip_ctrl_t *const p_ctrl, uint8_t *const p_output, uint32_t *const p_output_length, uint8_t const *const p_tag, uint32_t const tag_length) |
fsp_err_t | R_RSIP_AES_MAC_Init (rsip_ctrl_t *const p_ctrl, rsip_aes_mac_mode_t const mode, rsip_wrapped_key_t const *const p_wrapped_key) |
fsp_err_t | R_RSIP_AES_MAC_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_message, uint32_t const message_length) |
fsp_err_t | R_RSIP_AES_MAC_SignFinish (rsip_ctrl_t *const p_ctrl, uint8_t *const p_mac) |
fsp_err_t | R_RSIP_AES_MAC_VerifyFinish (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_mac, uint32_t const mac_length) |
fsp_err_t | R_RSIP_ECDSA_Sign (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, uint8_t const *const p_hash, uint8_t *const p_signature) |
fsp_err_t | R_RSIP_ECDSA_Verify (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, uint8_t const *const p_hash, uint8_t const *const p_signature) |
fsp_err_t | R_RSIP_RSA_Encrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, uint8_t const *const p_plain, uint8_t *const p_cipher) |
fsp_err_t | R_RSIP_RSA_Decrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, uint8_t const *const p_cipher, uint8_t *const p_plain) |
fsp_err_t | R_RSIP_RSAES_PKCS1_V1_5_Encrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, uint8_t const *const p_plain, uint32_t const plain_length, uint8_t *const p_cipher) |
fsp_err_t | R_RSIP_RSAES_PKCS1_V1_5_Decrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, uint8_t const *const p_cipher, uint8_t *const p_plain, uint32_t *const p_plain_length, uint32_t const plain_buffer_length) |
fsp_err_t | R_RSIP_RSAES_OAEP_Encrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint8_t const *const p_label, uint32_t const label_length, uint8_t const *const p_plain, uint32_t const plain_length, uint8_t *const p_cipher) |
fsp_err_t | R_RSIP_RSAES_OAEP_Decrypt (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint8_t const *const p_label, uint32_t const label_length, uint8_t const *const p_cipher, uint8_t *const p_plain, uint32_t *const p_plain_length, uint32_t const plain_buffer_length) |
fsp_err_t | R_RSIP_RSASSA_PKCS1_V1_5_Sign (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, rsip_hash_type_t const hash_function, uint8_t const *const p_hash, uint8_t *const p_signature) |
fsp_err_t | R_RSIP_RSASSA_PKCS1_V1_5_Verify (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, rsip_hash_type_t const hash_function, uint8_t const *const p_hash, uint8_t const *const p_signature) |
fsp_err_t | R_RSIP_RSASSA_PSS_Sign (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_private_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint32_t const salt_length, uint8_t const *const p_hash, uint8_t *const p_signature) |
fsp_err_t | R_RSIP_RSASSA_PSS_Verify (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_public_key, rsip_hash_type_t const hash_function, rsip_mgf_type_t const mask_generation_function, uint32_t const salt_length, uint8_t const *const p_hash, uint8_t const *const p_signature) |
fsp_err_t | R_RSIP_SHA_Compute (rsip_ctrl_t *const p_ctrl, rsip_hash_type_t const hash_type, uint8_t const *const p_message, uint32_t const message_length, uint8_t *const p_digest) |
fsp_err_t | R_RSIP_SHA_Init (rsip_ctrl_t *const p_ctrl, rsip_hash_type_t const hash_type) |
fsp_err_t | R_RSIP_SHA_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_message, uint32_t const message_length) |
fsp_err_t | R_RSIP_SHA_Finish (rsip_ctrl_t *const p_ctrl, uint8_t *const p_digest) |
fsp_err_t | R_RSIP_SHA_Suspend (rsip_ctrl_t *const p_ctrl, rsip_sha_handle_t *const p_handle) |
fsp_err_t | R_RSIP_SHA_Resume (rsip_ctrl_t *const p_ctrl, rsip_sha_handle_t const *const p_handle) |
fsp_err_t | R_RSIP_HMAC_Compute (rsip_ctrl_t *const p_ctrl, const rsip_wrapped_key_t *p_wrapped_key, uint8_t const *const p_message, uint32_t const message_length, uint8_t *const p_mac) |
fsp_err_t | R_RSIP_HMAC_Verify (rsip_ctrl_t *const p_ctrl, const rsip_wrapped_key_t *p_wrapped_key, uint8_t const *const p_message, uint32_t const message_length, uint8_t const *const p_mac, uint32_t const mac_length) |
fsp_err_t | R_RSIP_HMAC_Init (rsip_ctrl_t *const p_ctrl, rsip_wrapped_key_t const *const p_wrapped_key) |
fsp_err_t | R_RSIP_HMAC_Update (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_message, uint32_t const message_length) |
fsp_err_t | R_RSIP_HMAC_SignFinish (rsip_ctrl_t *const p_ctrl, uint8_t *const p_mac) |
fsp_err_t | R_RSIP_HMAC_VerifyFinish (rsip_ctrl_t *const p_ctrl, uint8_t const *const p_mac, uint32_t const mac_length) |
fsp_err_t | R_RSIP_HMAC_Suspend (rsip_ctrl_t *const p_ctrl, rsip_hmac_handle_t *const p_handle) |
fsp_err_t | R_RSIP_HMAC_Resume (rsip_ctrl_t *const p_ctrl, rsip_hmac_handle_t const *const p_handle) |
fsp_err_t | R_RSIP_OTF_Init (rsip_ctrl_t *const p_ctrl, rsip_otf_channel_t const channel, rsip_wrapped_key_t *const p_wrapped_key, uint8_t const *const p_seed) |
Driver for the Renesas Secure IP (RSIP) peripheral on RA MCUs.
This module provides RSIP functions in protected mode.
Crypto Peripheral version | Devices |
---|---|
RSIP-E51A | RA8M1, RA8D1, RA8T1 |
The RSIP module supports for the following features.
The following key management functions are available on each devices.
RSIP Protected Mode driver has the following states.
State Name | Details |
---|---|
STATE_INITIAL | Driver is not open. |
STATE_MAIN | Ready to Compute. |
STATE_AES | Computing AES (unauthnticated cipher) |
STATE_AES_AEAD | Computing AES (AEAD). |
STATE_AES_MAC | Computing AES (MAC). |
STATE_SHA | Computing SHA. |
STATE_HMAC | Computing HMAC. |
There are two types of APIs provided by the RSIP driver for accelerating cryptographic operations: those that provide cryptographic operations in a single API and those that provide them in multiple APIs. In this document, the former is referred to as single-part operations and the latter as multi-part operations. Each corresponds to the following algorithms :
・single-part operations : DRBG, Key management, RSA, ECDSA, SHA (Compute), HMAC (Compute&Verify)
・multi-part operations : AES (include AEAD, MAC), SHA, HMAC
Multi-part operations are APIs which split a single cryptographic operation into a sequence of separate steps (Init-Update-Finish). This enables fine control over the configuration of the cryptographic operation, and allows the message data to be processed in fragments instead of all at once.
Due to the above characteristics, it is necessary to manage the operational states in the multi-part operations.
This module does not require a specific clock configuration.
This module does not use I/O pins.
Start by creating a new project in e² studio or RASC. On the Stacks tab, add New > Security > RSIP Protected Mode (r_rsip).
This is an example of AES-256 encryption and decryption.
This is an example of AES-GCM-256 tag generation and verification.
This is an example of AES-GMAC-256 signature generation and verification.
This is an example of AES-CCM-256 tag generation and verification.
This is an example of AES-CMAC-256 tag generation and verification.
This is an example of ECC secp-256 signature generate and verify.
This is an example of RSA-2048 encryption and decryption.
This is an example of calculating the SHA256 hash.
Data Structures | |
struct | rsip_instance_ctrl_t |
struct rsip_instance_ctrl_t |
RSIP private control block. DO NOT MODIFY. Initialization occurs when R_RSIP_Open() is called.
fsp_err_t R_RSIP_Open | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_cfg_t const *const | p_cfg | ||
) |
Enables use of Renesas Secure IP functionality.
Implements rsip_api_t::open.
<Operational State>
This API can only be executed in the STATE_INITIAL, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS | STATE_MAIN |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_ALREADY_OPEN | Module is already open. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Internal key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Hardware initialization is failed. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption or hardware fault is detected. |
fsp_err_t R_RSIP_Close | ( | rsip_ctrl_t *const | p_ctrl | ) |
Disables use of Renesas Secure IP functionality.
Implements rsip_api_t::close.
<Operational State>
This API can be executed in except STATE_INITIAL, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS | STATE_INITIAL |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RandomNumberGenerate | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t *const | p_random | ||
) |
Generates a 128-bit random number.
Implements rsip_api_t::randomNumberGenerate.
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_KeyGenerate | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_key_type_t const | key_type, | ||
rsip_wrapped_key_t *const | p_wrapped_key | ||
) |
Generate a wrapped symmetric key from a random number. In this API, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.
Implements rsip_api_t::keyGenerate.
<Usage Precautions>
key_type | RSIP_KEY_TYPE_AES_128 RSIP_KEY_TYPE_AES_256 RSIP_KEY_TYPE_XTS_AES_128 RSIP_KEY_TYPE_XTS_AES_256 RSIP_KEY_TYPE_HMAC_SHA256 |
---|
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_KeyPairGenerate | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_key_pair_type_t const | key_pair_type, | ||
rsip_wrapped_key_t *const | p_wrapped_public_key, | ||
rsip_wrapped_key_t *const | p_wrapped_private_key | ||
) |
Generate a wrapped asymmetric key pair from a random number. In this API, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.
Implements rsip_api_t::keyPairGenerate.
<Usage Precautions>
key_pair_type | RSIP_KEY_PAIR_TYPE_ECC_SECP256R1 RSIP_KEY_PAIR_TYPE_ECC_SECP384R1 RSIP_KEY_PAIR_TYPE_ECC_SECP521R1 RSIP_KEY_PAIR_TYPE_RSA_2048 RSIP_KEY_PAIR_TYPE_RSA_3072 RSIP_KEY_PAIR_TYPE_RSA_4096 |
---|
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_EncryptedKeyWrap | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_key_update_key_t const *const | p_key_update_key, | ||
uint8_t const *const | p_initial_vector, | ||
rsip_key_type_t const | key_type, | ||
uint8_t const *const | p_encrypted_key, | ||
rsip_wrapped_key_t *const | p_wrapped_key | ||
) |
Decrypt the encrypted user key with Key Update Key (KUK) and wrap it with the Hardware Unique Key (HUK).
Implements rsip_api_t::encryptedKeyWrap.
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RFC3394_KeyWrap | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_kek, | ||
rsip_wrapped_key_t const *const | p_wrapped_target_key, | ||
uint8_t *const | p_rfc3394_wrapped_target_key | ||
) |
This function provides Key Wrap algorithm compliant with RFC3394. Using p_wrapped_kek to wrap p_wrapped_target_key, and output the result to p_rfc3394_wrapped_target_key.
Implements rsip_api_t::rfc3394_KeyWrap.
<Usage Precautions>
Key Type of p_wrapped_kek | Corresponding Parameter |
---|---|
AES-128 | RSIP_KEY_TYPE_AES_128 |
AES-256 | RSIP_KEY_TYPE_AES_256 |
Key Type of p_wrapped_target_key | Corresponding Parameter |
---|---|
AES-128 | RSIP_KEY_TYPE_AES_128 |
AES-256 | RSIP_KEY_TYPE_AES_256 |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RFC3394_KeyUnwrap | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_kek, | ||
rsip_key_type_t const | key_type, | ||
uint8_t const *const | p_rfc3394_wrapped_target_key, | ||
rsip_wrapped_key_t *const | p_wrapped_target_key | ||
) |
This function provides Key Unwrap algorithm compliant with RFC3394. Using p_wrapped_kek to unwrap p_rfc3394_wrapped_target_key, and output the result to p_wrapped_target_key.
Implements rsip_api_t::rfc3394_KeyUnwrap.
<Usage Precautions>
Key Type of p_wrapped_kek | Corresponding Parameter |
---|---|
AES-128 | RSIP_KEY_TYPE_AES_128 |
AES-256 | RSIP_KEY_TYPE_AES_256 |
Key Type of p_rfc3394_wrapped_target_key | Corresponding Parameter |
---|---|
AES-128 | RSIP_KEY_TYPE_AES_128 |
AES-256 | RSIP_KEY_TYPE_AES_256 |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_InjectedKeyImport | ( | rsip_key_type_t const | key_type, |
uint8_t const *const | p_injected_key, | ||
rsip_wrapped_key_t *const | p_wrapped_key, | ||
uint32_t const | wrapped_key_buffer_length | ||
) |
This function provides the ability to construct structure data "rsip_wrapped_key_t" from injected key data. The value of injected key is not validated in this API. Refer "Key Size Table" for supported key types.
Implements rsip_api_t::injectedKeyImport.
<Operational State>
This API can be executed in any state including STATE_INITIAL, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_UNSUPPORTED | Selected key type is not supported. |
FSP_ERR_INVALID_SIZE | Buffer length is too short. |
fsp_err_t R_RSIP_PublicKeyExport | ( | rsip_wrapped_key_t const *const | p_wrapped_public_key, |
uint8_t *const | p_raw_public_key | ||
) |
Exports public key parameters from a wrapped key.
Implements rsip_api_t::publicKeyExport.
<Usage Precautions>
ECC bit length | QX location | QY location |
---|---|---|
192(*) | 0 | 24 |
224(*) | 0 | 28 |
256 | 0 | 32 |
384 | 0 | 48 |
512(*) | 0 | 64 |
521(*) | 0 | 66 |
RSA bit length | N location | E location |
---|---|---|
1024(*) | 0 | 128 |
2048 | 0 | 256 |
3072 | 0 | 384 |
4096 | 0 | 512 |
(*) These bit lengths are not supported in V.5.2.0.
<Operational State>
This API can be executed in any state including STATE_INITIAL, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
fsp_err_t R_RSIP_AES_Cipher_Init | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_aes_cipher_mode_t const | mode, | ||
rsip_wrapped_key_t const *const | p_wrapped_key, | ||
uint8_t const *const | p_initial_vector | ||
) |
Set parameters of AES cipher.
Implements rsip_api_t::aesCipherInit.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS | STATE_AES |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_AES_Cipher_Update | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t const *const | p_input, | ||
uint8_t *const | p_output, | ||
uint32_t const | length | ||
) |
Encrypts plaintext.
Implements rsip_api_t::aesCipherUpdate.
<Usage Precautions>
length | |
---|---|
ECB,CBC,CTR | Must be 0 or a multiple of 16. |
XTS | Must be 0 or greater than or equal to 16. After an integer not divisible by 16 is input, update will no longer be able to execute. |
<Operational State>
This API can only be executed in the STATE_AES, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
Any | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_INVALID_SIZE | Input length is illegal. |
fsp_err_t R_RSIP_AES_Cipher_Finish | ( | rsip_ctrl_t *const | p_ctrl | ) |
Finalize AES operation.
Implements rsip_api_t::aesCipherFinish.
<Operational State>
This API can only be executed in the STATE_AES, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE | No change |
Others | STATE_MAIN |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_AES_AEAD_Init | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_aes_aead_mode_t | mode, | ||
rsip_wrapped_key_t const *const | p_wrapped_key, | ||
uint8_t const *const | p_nonce, | ||
uint32_t const | nonce_length | ||
) |
Prepares an AES-AEAD function.
Implements rsip_api_t::aesAeadInit.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS | STATE_AES_AEAD |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_AES_AEAD_LengthsSet | ( | rsip_ctrl_t *const | p_ctrl, |
uint32_t const | total_aad_length, | ||
uint32_t const | total_text_length, | ||
uint32_t const | tag_length | ||
) |
Set text and tag lengths for specific mode.
Implements rsip_api_t::aesAeadLengthsSet.
<Usage Precautions>
total_aad_length | Must be 110 or less. |
tag_length | The following values are allowed 4, 6, 8, 10, 12, 14, 16 |
<Operational State>
This API can only be executed in the STATE_AES_AEAD, and there are no state transitions.
However, this function can only be called once.
<About CCM processing>
This API must be called directly after executing R_RSIP_AES_AEAD_Init API.
<About GCM processing>
This API must NOT be called. Each input length is indeterminate and output tag length is fixed to 16 bytes.
If called, FSP_ERR_INVALID_STATE will be returned.
FSP_SUCCESS | Normal termination. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_SIZE | Input length is illegal. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
fsp_err_t R_RSIP_AES_AEAD_AADUpdate | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t const *const | p_aad, | ||
uint32_t const | aad_length | ||
) |
Inputs additional authentication data.
Implements rsip_api_t::aesAeadAadUpdate.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_AES_AEAD, and there are no state transitions.
<About GCM processing>
For GCM processing, this API can be skipped.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
FSP_ERR_CRYPTO_RSIP_FAIL | Internal error. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
fsp_err_t R_RSIP_AES_AEAD_Update | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t const *const | p_input, | ||
uint32_t const | input_length, | ||
uint8_t *const | p_output, | ||
uint32_t *const | p_output_length | ||
) |
Inputs additional authentication data.
Implements rsip_api_t::aesAeadUpdate.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_AES_AEAD, and there are no state transitions.
<About GMAC processing>
GMAC processing can be performed by skipping this API.
For detailed usage, refer to the example code.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_SIZE | Input length is illegal. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
fsp_err_t R_RSIP_AES_AEAD_Finish | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t *const | p_output, | ||
uint32_t *const | p_output_length, | ||
uint8_t *const | p_tag | ||
) |
Finalizes an AES-AEAD encryption.
Implements rsip_api_t::aesAeadFinish.
<Usage Precautions>
<Operational State>
This API can be executed in the STATE_AES_AEAD, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE | No change |
Any | STATE_MAIN |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Internal error. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_AES_AEAD_Verify | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t *const | p_output, | ||
uint32_t *const | p_output_length, | ||
uint8_t const *const | p_tag, | ||
uint32_t const | tag_length | ||
) |
Finalizes an AES-AEAD decryption.
Implements rsip_api_t::aesAeadVerify.
<Usage Precautions>
<Operational State>
This API can be executed in the STATE_AES_AEAD, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE | No change |
Any | STATE_MAIN |
If there is 16-byte fractional data indicated by the total data length of the value of p_cipher that was input by R_RSIP_AES_GCM_DecryptUpdate(), this API will output the result of decrypting that fractional data to p_cipher. Here, the portion that does not reach 16 bytes will be padded with zeros.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_INVALID_SIZE | tag_length is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Internal error. |
FSP_ERR_CRYPTO_RSIP_AUTHENTICATION | Authentication is failed. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_AES_MAC_Init | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_aes_mac_mode_t const | mode, | ||
rsip_wrapped_key_t const *const | p_wrapped_key | ||
) |
Prepares an AES-MAC generation and verification.
Implements rsip_api_t::aesMacInit.
<Usage Precautions>
Mode | Corresponding Parameter |
---|---|
CMAC | RSIP_AES_MAC_MODE_CMAC |
<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS | STATE_AES_MAC |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_AES_MAC_Update | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t const *const | p_message, | ||
uint32_t const | message_length | ||
) |
Input message.
Implements rsip_api_t::aesMacUpdate.
Inside this function, the data that is input by the user is buffered until the input value of p_message exceeds 16 bytes. If the input value, p_message, is not a multiple of 16 bytes, it will be padded within the function.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_AES_MAC, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
Any | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
fsp_err_t R_RSIP_AES_MAC_SignFinish | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t *const | p_mac | ||
) |
Finalizes an AES-MAC generation.
Implements rsip_api_t::aesMacSignFinish.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_AES_MAC, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE | No change |
Others | STATE_MAIN |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_INVALID_SIZE | Input length is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Internal error. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_AES_MAC_VerifyFinish | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t const *const | p_mac, | ||
uint32_t const | mac_length | ||
) |
Finalizes an AES-MAC verification.
Implements rsip_api_t::aesMacVerifyFinish.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_AES_MAC, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE FSP_ERR_INVALID_SIZE | No change |
Others | STATE_MAIN |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_INVALID_SIZE | mac_length is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Internal error. |
FSP_ERR_CRYPTO_RSIP_AUTHENTICATION | Authentication is failed. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_ECDSA_Sign | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_private_key, | ||
uint8_t const *const | p_hash, | ||
uint8_t *const | p_signature | ||
) |
Signs a hashed message. The message hash should be generated in advance.
Implements rsip_api_t::ecdsaSign.
<Usage Precautions>
Key Length | Key Type |
---|---|
256 bit | RSIP_KEY_TYPE_ECC_SECP256R1_PRIVATE |
384 bit | RSIP_KEY_TYPE_ECC_SECP384R1_PRIVATE |
521 bit | RSIP_KEY_TYPE_ECC_SECP521R1_PRIVATE |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL |
|
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_ECDSA_Verify | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_public_key, | ||
uint8_t const *const | p_hash, | ||
uint8_t const *const | p_signature | ||
) |
Verifies a hashed message. The message hash should be generated in advance.
Implements rsip_api_t::ecdsaVerify.
<Usage Precautions>
Key Length | Key Type |
---|---|
256 bit | RSIP_KEY_TYPE_ECC_SECP256R1_PUBLIC |
384 bit | RSIP_KEY_TYPE_ECC_SECP384R1_PUBLIC |
521 bit | RSIP_KEY_TYPE_ECC_SECP521R1_PUBLIC |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL |
|
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSA_Encrypt | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_public_key, | ||
uint8_t const *const | p_plain, | ||
uint8_t *const | p_cipher | ||
) |
Encrypts plaintext with raw RSA.
Implements rsip_api_t::rsaEncrypt.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PUBLIC |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PUBLIC |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PUBLIC |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSA_Decrypt | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_private_key, | ||
uint8_t const *const | p_cipher, | ||
uint8_t *const | p_plain | ||
) |
Decrypts ciphertext with raw RSA.
Implements rsip_api_t::rsaDecrypt.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PRIVATE |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PRIVATE |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PRIVATE |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSAES_PKCS1_V1_5_Encrypt | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_public_key, | ||
uint8_t const *const | p_plain, | ||
uint32_t const | plain_length, | ||
uint8_t *const | p_cipher | ||
) |
Encrypts plaintext with RSAES-PKCS1-v1_5.
Implements rsip_api_t::rsaesPkcs1V15Encrypt.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PUBLIC |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PUBLIC |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PUBLIC |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
mLen
(plain_length) and k
(RSA key length) must meet the following condition.
mlen <= k - 11
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_INVALID_SIZE | Any length is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSAES_PKCS1_V1_5_Decrypt | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_private_key, | ||
uint8_t const *const | p_cipher, | ||
uint8_t *const | p_plain, | ||
uint32_t *const | p_plain_length, | ||
uint32_t const | plain_buffer_length | ||
) |
Decrypts with RSAES-PKCS1-v1_5.
Implements rsip_api_t::rsaesPkcs1V15Decrypt.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PRIVATE |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PRIVATE |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PRIVATE |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_INVALID_SIZE | Any length is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSAES_OAEP_Encrypt | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_public_key, | ||
rsip_hash_type_t const | hash_function, | ||
rsip_mgf_type_t const | mask_generation_function, | ||
uint8_t const *const | p_label, | ||
uint32_t const | label_length, | ||
uint8_t const *const | p_plain, | ||
uint32_t const | plain_length, | ||
uint8_t *const | p_cipher | ||
) |
Encrypts plaintext with RSAES-OAEP.
Implements rsip_api_t::rsaesOaepEncrypt.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PUBLIC |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PUBLIC |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PUBLIC |
Hash Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_HASH_TYPE_SHA256 |
SHA384 | RSIP_HASH_TYPE_SHA384 |
SHA512 | RSIP_HASH_TYPE_SHA512 |
Mask Generation Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_MGF_TYPE_MGF1_SHA256 |
SHA384 | RSIP_MGF_TYPE_MGF1_SHA384 |
SHA512 | RSIP_MGF_TYPE_MGF1_SHA512 |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
mLen
(plain_length), hLen
(output length of hash_function), and k
(RSA key length) must meet the following condition.
mLen <= k - 2 hLen - 2
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_INVALID_SIZE | Any length is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSAES_OAEP_Decrypt | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_private_key, | ||
rsip_hash_type_t const | hash_function, | ||
rsip_mgf_type_t const | mask_generation_function, | ||
uint8_t const *const | p_label, | ||
uint32_t const | label_length, | ||
uint8_t const *const | p_cipher, | ||
uint8_t *const | p_plain, | ||
uint32_t *const | p_plain_length, | ||
uint32_t const | plain_buffer_length | ||
) |
Decrypts ciphertext with RSAES-OAEP.
Implements rsip_api_t::rsaesOaepDecrypt.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PRIVATE |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PRIVATE |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PRIVATE |
Hash Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_HASH_TYPE_SHA256 |
SHA384 | RSIP_HASH_TYPE_SHA384 |
SHA512 | RSIP_HASH_TYPE_SHA512 |
Mask Generation Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_MGF_TYPE_MGF1_SHA256 |
SHA384 | RSIP_MGF_TYPE_MGF1_SHA384 |
SHA512 | RSIP_MGF_TYPE_MGF1_SHA512 |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
hLen
(output length of hash_function) and k
(RSA key length) must meet the following condition.
k >= 2 hLen + 2
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_INVALID_SIZE | Any length is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSASSA_PKCS1_V1_5_Sign | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_private_key, | ||
rsip_hash_type_t const | hash_function, | ||
uint8_t const *const | p_hash, | ||
uint8_t *const | p_signature | ||
) |
Signs message with RSASSA-PKCS1-v1_5.
Implements rsip_api_t::rsassaPkcs1V15Sign.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PRIVATE |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PRIVATE |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PRIVATE |
Hash Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_HASH_TYPE_SHA256 |
SHA384 | RSIP_HASH_TYPE_SHA384 |
SHA512 | RSIP_HASH_TYPE_SHA512 |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_INVALID_SIZE | Any length is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSASSA_PKCS1_V1_5_Verify | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_public_key, | ||
rsip_hash_type_t const | hash_function, | ||
uint8_t const *const | p_hash, | ||
uint8_t const *const | p_signature | ||
) |
Verifies signature with RSASSA-PKCS1-v1_5.
Implements rsip_api_t::rsassaPkcs1V15Verify.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PUBLIC |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PUBLIC |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PUBLIC |
Hash Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_HASH_TYPE_SHA256 |
SHA384 | RSIP_HASH_TYPE_SHA384 |
SHA512 | RSIP_HASH_TYPE_SHA512 |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_INVALID_SIZE | Any length is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSASSA_PSS_Sign | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_private_key, | ||
rsip_hash_type_t const | hash_function, | ||
rsip_mgf_type_t const | mask_generation_function, | ||
uint32_t const | salt_length, | ||
uint8_t const *const | p_hash, | ||
uint8_t *const | p_signature | ||
) |
Signs message with RSASSA-PSS.
Implements rsip_api_t::rsassaPssSign.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PRIVATE |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PRIVATE |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PRIVATE |
Hash Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_HASH_TYPE_SHA256 |
SHA384 | RSIP_HASH_TYPE_SHA384 |
SHA512 | RSIP_HASH_TYPE_SHA512 |
Mask Generation Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_MGF_TYPE_MGF1_SHA256 |
SHA384 | RSIP_MGF_TYPE_MGF1_SHA384 |
SHA512 | RSIP_MGF_TYPE_MGF1_SHA512 |
Parameter | Description |
---|---|
RSIP_RSA_SALT_LENGTH_AUTO | The salt length is set to RSIP_RSA_SALT_LENGTH_MAX or RSIP_RSA_SALT_LENGTH_HASH, whichever is shorter. When verifying, the salt length is detected automatically. |
RSIP_RSA_SALT_LENGTH_HASH | The salt length is set to the hash length. |
RSIP_RSA_SALT_LENGTH_MAX | The salt length is set to emLen - hLen - 2, where emLen is the same as the key length and hLen is the hash length. |
zero or positive integers | The following conditions must be satisfied. salt_length <= emLen - hLen - 2 where emLen is the same as the key length and hLen is the hash length. |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_INVALID_SIZE | Any length is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_RSASSA_PSS_Verify | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_public_key, | ||
rsip_hash_type_t const | hash_function, | ||
rsip_mgf_type_t const | mask_generation_function, | ||
uint32_t const | salt_length, | ||
uint8_t const *const | p_hash, | ||
uint8_t const *const | p_signature | ||
) |
Verifies signature with RSASSA-PSS.
Implements rsip_api_t::rsassaPssVerify.
<Usage Precautions>
Key Length | Key Type |
---|---|
2048 bit | RSIP_KEY_TYPE_RSA_2048_PUBLIC |
3072 bit | RSIP_KEY_TYPE_RSA_3072_PUBLIC |
4096 bit | RSIP_KEY_TYPE_RSA_4096_PUBLIC |
Hash Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_HASH_TYPE_SHA256 |
SHA384 | RSIP_HASH_TYPE_SHA384 |
SHA512 | RSIP_HASH_TYPE_SHA512 |
Mask Generation Function | Corresponding Parameter |
---|---|
SHA256 | RSIP_MGF_TYPE_MGF1_SHA256 |
SHA384 | RSIP_MGF_TYPE_MGF1_SHA384 |
SHA512 | RSIP_MGF_TYPE_MGF1_SHA512 |
Parameter | Description |
---|---|
RSIP_RSA_SALT_LENGTH_AUTO | The salt length is set to RSIP_RSA_SALT_LENGTH_MAX or RSIP_RSA_SALT_LENGTH_HASH, whichever is shorter. When verifying, the salt length is detected automatically. |
RSIP_RSA_SALT_LENGTH_HASH | The salt length is set to the hash length. |
RSIP_RSA_SALT_LENGTH_MAX | The salt length is set to emLen - hLen - 2, where emLen is the same as the key length and hLen is the hash length. |
zero or positive integers | The following conditions must be satisfied. salt_length <= emLen - hLen - 2 where emLen is the same as the key length and hLen is the hash length. |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | Input parameter is invalid. |
FSP_ERR_INVALID_SIZE | Any length is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_SHA_Compute | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_hash_type_t const | hash_type, | ||
uint8_t const *const | p_message, | ||
uint32_t const | message_length, | ||
uint8_t *const | p_digest | ||
) |
Generates SHA message digest.
Implements rsip_api_t::shaCompute.
<Usage Precautions>
Hash Type | Corresponding Parameter |
---|---|
SHA256 | RSIP_HASH_TYPE_SHA256 |
SHA384 | RSIP_HASH_TYPE_SHA384 |
SHA512 | RSIP_HASH_TYPE_SHA512 |
Hash Type | digest length |
---|---|
SHA256 | 32 |
SHA384 | 48 |
SHA512 | 64 |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
fsp_err_t R_RSIP_SHA_Init | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_hash_type_t const | hash_type | ||
) |
Prepares a SHA generation.
Implements rsip_api_t::shaInit.
<Usage Precautions>
Hash Type | Corresponding Parameter |
---|---|
SHA256 | RSIP_HASH_TYPE_SHA256 |
SHA384 | RSIP_HASH_TYPE_SHA384 |
SHA512 | RSIP_HASH_TYPE_SHA512 |
<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS | STATE_SHA |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
fsp_err_t R_RSIP_SHA_Update | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t const *const | p_message, | ||
uint32_t const | message_length | ||
) |
Inputs message.
Implements rsip_api_t::shaUpdate.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_SHA, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
Any | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_SHA_Finish | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t *const | p_digest | ||
) |
Finalizes a SHA generation.
Implements rsip_api_t::shaFinish.
<Usage Precautions>
Hash Type | digest length |
---|---|
SHA256 | 32 |
SHA384 | 48 |
SHA512 | 64 |
<Operational State>
This API can only be executed in the STATE_SHA, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN | No change |
Others | STATE_MAIN |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_SHA_Suspend | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_sha_handle_t *const | p_handle | ||
) |
Suspend SHA generation. This API allows you to suspend processing, for example, if you are in the middle of computing digest value for successive chunks of the message and need to perform another process.
Implements rsip_api_t::shaSuspend.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_SHA, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS FSP_ERR_CRYPTO_RSIP_FATAL | STATE_MAIN |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_SHA_Resume | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_sha_handle_t const *const | p_handle | ||
) |
Resume SHA generation. This API allows you to resume a process that has been suspended by R_RSIP_SHA_Suspend() API.
Implements rsip_api_t::shaResume.
<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS | STATE_SHA |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
fsp_err_t R_RSIP_HMAC_Compute | ( | rsip_ctrl_t *const | p_ctrl, |
const rsip_wrapped_key_t * | p_wrapped_key, | ||
uint8_t const *const | p_message, | ||
uint32_t const | message_length, | ||
uint8_t *const | p_mac | ||
) |
Generates HMAC.
Implements rsip_api_t::hmacCompute.
<Usage Precautions>
HMAC Type | MAC length |
---|---|
HMAC-SHA256 | 32 |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_HMAC_Verify | ( | rsip_ctrl_t *const | p_ctrl, |
const rsip_wrapped_key_t * | p_wrapped_key, | ||
uint8_t const *const | p_message, | ||
uint32_t const | message_length, | ||
uint8_t const *const | p_mac, | ||
uint32_t const | mac_length | ||
) |
Verifies HMAC.
Implements rsip_api_t::hmacVerify.
<Usage Precautions>
HMAC Type | MAC length |
---|---|
HMAC-SHA256 | 4 to 32 |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_INVALID_SIZE | mac_length is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_HMAC_Init | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_wrapped_key_t const *const | p_wrapped_key | ||
) |
Prepares a HMAC generation.
Implements rsip_api_t::hmacInit.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS | STATE_HMAC |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_HMAC_Update | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t const *const | p_message, | ||
uint32_t const | message_length | ||
) |
Inputs message.
Implements rsip_api_t::hmacUpdate.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_HMAC, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
Any | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_HMAC_SignFinish | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t *const | p_mac | ||
) |
Finalizes a HMAC generation.
Implements rsip_api_t::hmacSignFinish.
<Usage Precautions>
HMAC Type | MAC length |
---|---|
HMAC-SHA256 | 32 |
<Operational State>
This API can only be executed in the STATE_HMAC, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE | No change |
Others | STATE_MAIN |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_HMAC_VerifyFinish | ( | rsip_ctrl_t *const | p_ctrl, |
uint8_t const *const | p_mac, | ||
uint32_t const | mac_length | ||
) |
Finalizes a HMAC verification.
Implements rsip_api_t::hmacVerifyFinish.
<Usage Precautions>
HMAC Type | MAC length |
---|---|
HMAC-SHA256 | 4 to 32 |
<Operational State>
This API can only be executed in the STATE_HMAC, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_ERR_ASSERTION FSP_ERR_NOT_OPEN FSP_ERR_INVALID_STATE FSP_ERR_INVALID_SIZE | No change |
Others | STATE_MAIN |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_INVALID_SIZE | mac_length is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_FAIL | MAC verification is failed. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_HMAC_Suspend | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_hmac_handle_t *const | p_handle | ||
) |
Suspend HMAC generation. This API allows you to suspend processing, for example, if you are in the middle of computing HMAC for successive chunks of the message and need to perform another process.
Implements rsip_api_t::hmacSuspend.
<Usage Precautions>
<Operational State>
This API can only be executed in the STATE_HMAC, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS FSP_ERR_CRYPTO_RSIP_FATAL | STATE_MAIN |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_HMAC_Resume | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_hmac_handle_t const *const | p_handle | ||
) |
Resume HMAC generation. This API allows you to resume a process that has been suspended by R_RSIP_HMAC_Suspend() API.
Implements rsip_api_t::hmacResume.
<Operational State>
This API can only be executed in the STATE_MAIN, and the state after execution changes as follows depending on the return value.
Return Value | State after execution |
---|---|
FSP_SUCCESS | STATE_HMAC |
Others | No change |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled in this function by configuration. |
FSP_ERR_INVALID_ARGUMENT | Input key type or mode is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |
fsp_err_t R_RSIP_OTF_Init | ( | rsip_ctrl_t *const | p_ctrl, |
rsip_otf_channel_t const | channel, | ||
rsip_wrapped_key_t *const | p_wrapped_key, | ||
uint8_t const *const | p_seed | ||
) |
Initialize on-the-fly decryption on RSIP. Implements rsip_api_t::otfInit.
<Usage Precautions>
Channel | Corresponding Parameter |
---|---|
CH-0 | RSIP_OTF_CHANNEL_0 |
CH-1 (*) | RSIP_OTF_CHANNEL_1 |
<Operational State>
This API can only be executed in the STATE_MAIN, and there are no state transitions.
[in,out] | p_ctrl | Pointer to control block. |
[in] | channel | Channel number. |
[in] | p_wrapped_key | Pointer to wrapped AES key. |
[in] | p_seed | Pointer to seed. |
FSP_SUCCESS | Normal termination. |
FSP_ERR_ASSERTION | A required parameter is NULL. |
FSP_ERR_NOT_OPEN | Module is not open. |
FSP_ERR_INVALID_STATE | Internal state is illegal. |
FSP_ERR_NOT_ENABLED | Input key type is disabled or selected channel is invalid. |
FSP_ERR_INVALID_ARGUMENT | Input key type is illegal. |
FSP_ERR_CRYPTO_RSIP_KEY_SET_FAIL | Input key value is illegal. |
FSP_ERR_CRYPTO_RSIP_RESOURCE_CONFLICT | A resource conflict occurred because a hardware resource required by the processing is in use by other processing. |
FSP_ERR_CRYPTO_RSIP_FATAL | Software corruption is detected. |