Functions
fsp_err_t	R_SCE_RSASSA_PKCS1024_SignatureGenerate (sce_rsa_byte_data_t message_hash, sce_rsa_byte_data_t signature, sce_rsa1024_private_wrapped_key_t *wrapped_key, uint8_t hash_type)

fsp_err_t	R_SCE_RSASSA_PKCS1024_SignatureVerify (sce_rsa_byte_data_t signature, sce_rsa_byte_data_t message_hash, sce_rsa1024_public_wrapped_key_t *wrapped_key, uint8_t hash_type)

fsp_err_t	R_SCE_RSAES_PKCS1024_Encrypt (sce_rsa_byte_data_t plain, sce_rsa_byte_data_t cipher, sce_rsa1024_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_RSAES_PKCS1024_Decrypt (sce_rsa_byte_data_t cipher, sce_rsa_byte_data_t plain, sce_rsa1024_private_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_RSASSA_PKCS2048_SignatureGenerate (sce_rsa_byte_data_t message_hash, sce_rsa_byte_data_t signature, sce_rsa2048_private_wrapped_key_t *wrapped_key, uint8_t hash_type)

fsp_err_t	R_SCE_RSASSA_PKCS2048_SignatureVerify (sce_rsa_byte_data_t signature, sce_rsa_byte_data_t message_hash, sce_rsa2048_public_wrapped_key_t *wrapped_key, uint8_t hash_type)

fsp_err_t	R_SCE_RSASSA_PKCS3072_SignatureVerify (sce_rsa_byte_data_t signature, sce_rsa_byte_data_t message_hash, sce_rsa3072_public_wrapped_key_t *wrapped_key, uint8_t hash_type)

fsp_err_t	R_SCE_RSASSA_PKCS4096_SignatureVerify (sce_rsa_byte_data_t signature, sce_rsa_byte_data_t message_hash, sce_rsa4096_public_wrapped_key_t *wrapped_key, uint8_t hash_type)

fsp_err_t	R_SCE_RSAES_PKCS2048_Encrypt (sce_rsa_byte_data_t plain, sce_rsa_byte_data_t cipher, sce_rsa2048_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_RSAES_PKCS2048_Decrypt (sce_rsa_byte_data_t cipher, sce_rsa_byte_data_t plain, sce_rsa2048_private_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_RSAES_PKCS3072_Encrypt (sce_rsa_byte_data_t plain, sce_rsa_byte_data_t cipher, sce_rsa3072_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_RSAES_PKCS4096_Encrypt (sce_rsa_byte_data_t plain, sce_rsa_byte_data_t cipher, sce_rsa4096_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_SHA256_Init (sce_sha_md5_handle_t *handle)

fsp_err_t	R_SCE_SHA256_Update (sce_sha_md5_handle_t handle, uint8_t message, uint32_t message_length)

fsp_err_t	R_SCE_SHA256_Final (sce_sha_md5_handle_t handle, uint8_t digest, uint32_t *digest_length)

fsp_err_t	R_SCE_SHA256HMAC_GenerateInit (sce_hmac_sha_handle_t handle, sce_hmac_sha_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_SHA256HMAC_GenerateUpdate (sce_hmac_sha_handle_t handle, uint8_t message, uint32_t message_length)

fsp_err_t	R_SCE_SHA256HMAC_GenerateFinal (sce_hmac_sha_handle_t handle, uint8_t mac)

fsp_err_t	R_SCE_SHA256HMAC_VerifyInit (sce_hmac_sha_handle_t handle, sce_hmac_sha_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_SHA256HMAC_VerifyUpdate (sce_hmac_sha_handle_t handle, uint8_t message, uint32_t message_length)

fsp_err_t	R_SCE_SHA256HMAC_VerifyFinal (sce_hmac_sha_handle_t handle, uint8_t mac, uint32_t mac_length)

fsp_err_t	R_SCE_Open (sce_ctrl_t const p_ctrl, sce_cfg_t const const p_cfg)

fsp_err_t	R_SCE_Close (sce_ctrl_t *const p_ctrl)

fsp_err_t	R_SCE_SoftwareReset (void)

fsp_err_t	R_SCE_RandomNumberGenerate (uint32_t *random)

fsp_err_t	R_SCE_AES128_WrappedKeyGenerate (sce_aes_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_AES256_WrappedKeyGenerate (sce_aes_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_AES128_EncryptedKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES256_EncryptedKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES128_RFC3394KeyWrap (sce_aes_wrapped_key_t master_key, uint32_t target_key_type, sce_aes_wrapped_key_t target_key, uint32_t *rfc3394_wrapped_key)

fsp_err_t	R_SCE_AES256_RFC3394KeyWrap (sce_aes_wrapped_key_t master_key, uint32_t target_key_type, sce_aes_wrapped_key_t target_key, uint32_t *rfc3394_wrapped_key)

fsp_err_t	R_SCE_AES128_RFC3394KeyUnwrap (sce_aes_wrapped_key_t master_key, uint32_t target_key_type, uint32_t rfc3394_wrapped_key, sce_aes_wrapped_key_t *target_key)

fsp_err_t	R_SCE_AES256_RFC3394KeyUnwrap (sce_aes_wrapped_key_t master_key, uint32_t target_key_type, uint32_t rfc3394_wrapped_key, sce_aes_wrapped_key_t *target_key)

fsp_err_t	R_SCE_SHA256HMAC_EncryptedKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_hmac_sha_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_RSA1024_WrappedKeyPairGenerate (sce_rsa1024_wrapped_pair_key_t *wrapped_pair_key)

fsp_err_t	R_SCE_RSA2048_WrappedKeyPairGenerate (sce_rsa2048_wrapped_pair_key_t *wrapped_pair_key)

fsp_err_t	R_SCE_RSA1024_EncryptedPublicKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_rsa1024_public_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_RSA1024_EncryptedPrivateKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_rsa1024_private_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_RSA2048_EncryptedPublicKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_rsa2048_public_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_RSA2048_EncryptedPrivateKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_rsa2048_private_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_RSA3072_EncryptedPublicKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_rsa3072_public_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_RSA4096_EncryptedPublicKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_rsa4096_public_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_ECC_secp192r1_WrappedKeyPairGenerate (sce_ecc_wrapped_pair_key_t *wrapped_pair_key)

fsp_err_t	R_SCE_ECC_secp224r1_WrappedKeyPairGenerate (sce_ecc_wrapped_pair_key_t *wrapped_pair_key)

fsp_err_t	R_SCE_ECC_secp256r1_WrappedKeyPairGenerate (sce_ecc_wrapped_pair_key_t *wrapped_pair_key)

fsp_err_t	R_SCE_ECC_secp384r1_WrappedKeyPairGenerate (sce_ecc_wrapped_pair_key_t *wrapped_pair_key)

fsp_err_t	R_SCE_ECC_secp192r1_EncryptedPublicKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_ecc_public_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_ECC_secp224r1_EncryptedPublicKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_ecc_public_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_ECC_secp256r1_EncryptedPublicKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_ecc_public_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_ECC_secp384r1_EncryptedPublicKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_ecc_public_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_ECC_secp192r1_EncryptedPrivateKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_ecc_private_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_ECC_secp224r1_EncryptedPrivateKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_ecc_private_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_ECC_secp256r1_EncryptedPrivateKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_ecc_private_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_ECC_secp384r1_EncryptedPrivateKeyWrap (uint8_t initial_vector, uint8_t encrypted_key, sce_key_update_key_t key_update_key, sce_ecc_private_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall (uint8_t encrypted_provisioning_key, uint8_t initial_vector, uint8_t encrypted_key, sce_tls_ca_certification_public_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate (sce_tls_p256_ecc_wrapped_key_t tls_p256_ecc_wrapped_key, uint8_t ephemeral_ecdh_public_key)

fsp_err_t	R_SCE_ECDSA_secp192r1_SignatureGenerate (sce_ecdsa_byte_data_t message_hash, sce_ecdsa_byte_data_t signature, sce_ecc_private_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDSA_secp224r1_SignatureGenerate (sce_ecdsa_byte_data_t message_hash, sce_ecdsa_byte_data_t signature, sce_ecc_private_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDSA_secp256r1_SignatureGenerate (sce_ecdsa_byte_data_t message_hash, sce_ecdsa_byte_data_t signature, sce_ecc_private_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDSA_secp384r1_SignatureGenerate (sce_ecdsa_byte_data_t message_hash, sce_ecdsa_byte_data_t signature, sce_ecc_private_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDSA_secp192r1_SignatureVerify (sce_ecdsa_byte_data_t signature, sce_ecdsa_byte_data_t message_hash, sce_ecc_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDSA_secp224r1_SignatureVerify (sce_ecdsa_byte_data_t signature, sce_ecdsa_byte_data_t message_hash, sce_ecc_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDSA_secp256r1_SignatureVerify (sce_ecdsa_byte_data_t signature, sce_ecdsa_byte_data_t message_hash, sce_ecc_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDSA_secp384r1_SignatureVerify (sce_ecdsa_byte_data_t signature, sce_ecdsa_byte_data_t message_hash, sce_ecc_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDH_secp256r1_Init (sce_ecdh_handle_t *handle, uint32_t key_type, uint32_t use_key_id)

fsp_err_t	R_SCE_ECDH_secp256r1_PublicKeySign (sce_ecdh_handle_t handle, sce_ecc_public_wrapped_key_t ecc_public_wrapped_key, sce_ecc_private_wrapped_key_t ecc_private_wrapped_key, uint8_t public_key, sce_ecdsa_byte_data_t signature, sce_ecc_private_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_ECDH_secp256r1_PublicKeyVerify (sce_ecdh_handle_t handle, sce_ecc_public_wrapped_key_t ecc_public_wrapped_key, uint8_t public_key_data, sce_ecdsa_byte_data_t signature, sce_ecc_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDH_secp256r1_PublicKeyReadWithoutSignature (sce_ecdh_handle_t handle, uint8_t public_key_data, sce_ecc_public_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_ECDH_secp256r1_SharedSecretCalculate (sce_ecdh_handle_t handle, sce_ecc_public_wrapped_key_t ecc_public_wrapped_key, sce_ecc_private_wrapped_key_t ecc_private_wrapped_key, sce_ecdh_wrapped_key_t shared_secret_wrapped_key)

fsp_err_t	R_SCE_ECDH_secp256r1_KeyDerivation (sce_ecdh_handle_t handle, sce_ecdh_wrapped_key_t shared_secret_wrapped_key, uint32_t key_type, uint32_t kdf_type, uint8_t other_info, uint32_t other_info_length, sce_hmac_sha_wrapped_key_t salt_wrapped_key, sce_aes_wrapped_key_t *wrapped_key)

fsp_err_t	R_SCE_AES128ECB_EncryptInit (sce_aes_handle_t handle, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES128ECB_EncryptUpdate (sce_aes_handle_t handle, uint8_t plain, uint8_t *cipher, uint32_t plain_length)

fsp_err_t	R_SCE_AES128ECB_EncryptFinal (sce_aes_handle_t handle, uint8_t cipher, uint32_t *cipher_length)

fsp_err_t	R_SCE_AES128ECB_DecryptInit (sce_aes_handle_t handle, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES128ECB_DecryptUpdate (sce_aes_handle_t handle, uint8_t cipher, uint8_t *plain, uint32_t cipher_length)

fsp_err_t	R_SCE_AES128ECB_DecryptFinal (sce_aes_handle_t handle, uint8_t plain, uint32_t *plain_length)

fsp_err_t	R_SCE_AES256ECB_EncryptInit (sce_aes_handle_t handle, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES256ECB_EncryptUpdate (sce_aes_handle_t handle, uint8_t plain, uint8_t *cipher, uint32_t plain_length)

fsp_err_t	R_SCE_AES256ECB_EncryptFinal (sce_aes_handle_t handle, uint8_t cipher, uint32_t *cipher_length)

fsp_err_t	R_SCE_AES256ECB_DecryptInit (sce_aes_handle_t handle, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES256ECB_DecryptUpdate (sce_aes_handle_t handle, uint8_t cipher, uint8_t *plain, uint32_t cipher_length)

fsp_err_t	R_SCE_AES256ECB_DecryptFinal (sce_aes_handle_t handle, uint8_t plain, uint32_t *plain_length)

fsp_err_t	R_SCE_AES128CBC_EncryptInit (sce_aes_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t *initial_vector)

fsp_err_t	R_SCE_AES128CBC_EncryptUpdate (sce_aes_handle_t handle, uint8_t plain, uint8_t *cipher, uint32_t plain_length)

fsp_err_t	R_SCE_AES128CBC_EncryptFinal (sce_aes_handle_t handle, uint8_t cipher, uint32_t *cipher_length)

fsp_err_t	R_SCE_AES128CBC_DecryptInit (sce_aes_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t *initial_vector)

fsp_err_t	R_SCE_AES128CBC_DecryptUpdate (sce_aes_handle_t handle, uint8_t cipher, uint8_t *plain, uint32_t cipher_length)

fsp_err_t	R_SCE_AES128CBC_DecryptFinal (sce_aes_handle_t handle, uint8_t plain, uint32_t *plain_length)

fsp_err_t	R_SCE_AES256CBC_EncryptInit (sce_aes_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t *initial_vector)

fsp_err_t	R_SCE_AES256CBC_EncryptUpdate (sce_aes_handle_t handle, uint8_t plain, uint8_t *cipher, uint32_t plain_length)

fsp_err_t	R_SCE_AES256CBC_EncryptFinal (sce_aes_handle_t handle, uint8_t cipher, uint32_t *cipher_length)

fsp_err_t	R_SCE_AES256CBC_DecryptInit (sce_aes_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t *initial_vector)

fsp_err_t	R_SCE_AES256CBC_DecryptUpdate (sce_aes_handle_t handle, uint8_t cipher, uint8_t *plain, uint32_t cipher_length)

fsp_err_t	R_SCE_AES256CBC_DecryptFinal (sce_aes_handle_t handle, uint8_t plain, uint32_t *plain_length)

fsp_err_t	R_SCE_AES128GCM_EncryptInit (sce_gcm_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t *initial_vector, uint32_t initial_vector_length)

fsp_err_t	R_SCE_AES128GCM_EncryptUpdate (sce_gcm_handle_t handle, uint8_t plain, uint8_t cipher, uint32_t plain_data_length, uint8_t aad, uint32_t aad_length)

fsp_err_t	R_SCE_AES128GCM_EncryptFinal (sce_gcm_handle_t handle, uint8_t cipher, uint32_t cipher_data_length, uint8_t atag)

fsp_err_t	R_SCE_AES128GCM_DecryptInit (sce_gcm_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t *initial_vector, uint32_t initial_vector_length)

fsp_err_t	R_SCE_AES128GCM_DecryptUpdate (sce_gcm_handle_t handle, uint8_t cipher, uint8_t plain, uint32_t cipher_data_length, uint8_t aad, uint32_t aad_length)

fsp_err_t	R_SCE_AES128GCM_DecryptFinal (sce_gcm_handle_t handle, uint8_t plain, uint32_t plain_data_length, uint8_t atag, uint32_t atag_length)

fsp_err_t	R_SCE_AES256GCM_EncryptInit (sce_gcm_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t *initial_vector, uint32_t initial_vector_length)

fsp_err_t	R_SCE_AES256GCM_EncryptUpdate (sce_gcm_handle_t handle, uint8_t plain, uint8_t cipher, uint32_t plain_data_length, uint8_t aad, uint32_t aad_length)

fsp_err_t	R_SCE_AES256GCM_EncryptFinal (sce_gcm_handle_t handle, uint8_t cipher, uint32_t cipher_data_length, uint8_t atag)

fsp_err_t	R_SCE_AES256GCM_DecryptInit (sce_gcm_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t *initial_vector, uint32_t initial_vector_length)

fsp_err_t	R_SCE_AES256GCM_DecryptUpdate (sce_gcm_handle_t handle, uint8_t cipher, uint8_t plain, uint32_t cipher_data_length, uint8_t aad, uint32_t aad_length)

fsp_err_t	R_SCE_AES256GCM_DecryptFinal (sce_gcm_handle_t handle, uint8_t plain, uint32_t plain_data_length, uint8_t atag, uint32_t atag_length)

fsp_err_t	R_SCE_AES128CCM_EncryptInit (sce_ccm_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t nonce, uint32_t nonce_length, uint8_t adata, uint8_t a_length, uint32_t payload_length, uint32_t mac_length)

fsp_err_t	R_SCE_AES128CCM_EncryptUpdate (sce_ccm_handle_t handle, uint8_t plain, uint8_t *cipher, uint32_t plain_length)

fsp_err_t	R_SCE_AES128CCM_EncryptFinal (sce_ccm_handle_t handle, uint8_t cipher, uint32_t cipher_length, uint8_t mac, uint32_t mac_length)

fsp_err_t	R_SCE_AES128CCM_DecryptInit (sce_ccm_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t nonce, uint32_t nonce_length, uint8_t adata, uint8_t a_length, uint32_t payload_length, uint32_t mac_length)

fsp_err_t	R_SCE_AES128CCM_DecryptUpdate (sce_ccm_handle_t handle, uint8_t cipher, uint8_t *plain, uint32_t cipher_length)

fsp_err_t	R_SCE_AES128CCM_DecryptFinal (sce_ccm_handle_t handle, uint8_t plain, uint32_t plain_length, uint8_t mac, uint32_t mac_length)

fsp_err_t	R_SCE_AES256CCM_EncryptInit (sce_ccm_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t nonce, uint32_t nonce_length, uint8_t adata, uint8_t a_length, uint32_t payload_length, uint32_t mac_length)

fsp_err_t	R_SCE_AES256CCM_EncryptUpdate (sce_ccm_handle_t handle, uint8_t plain, uint8_t *cipher, uint32_t plain_length)

fsp_err_t	R_SCE_AES256CCM_EncryptFinal (sce_ccm_handle_t handle, uint8_t cipher, uint32_t cipher_length, uint8_t mac, uint32_t mac_length)

fsp_err_t	R_SCE_AES256CCM_DecryptInit (sce_ccm_handle_t handle, sce_aes_wrapped_key_t wrapped_key, uint8_t nonce, uint32_t nonce_length, uint8_t adata, uint8_t a_length, uint32_t payload_length, uint32_t mac_length)

fsp_err_t	R_SCE_AES256CCM_DecryptUpdate (sce_ccm_handle_t handle, uint8_t cipher, uint8_t *plain, uint32_t cipher_length)

fsp_err_t	R_SCE_AES256CCM_DecryptFinal (sce_ccm_handle_t handle, uint8_t plain, uint32_t plain_length, uint8_t mac, uint32_t mac_length)

fsp_err_t	R_SCE_AES128CMAC_GenerateInit (sce_cmac_handle_t handle, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES128CMAC_GenerateUpdate (sce_cmac_handle_t handle, uint8_t message, uint32_t message_length)

fsp_err_t	R_SCE_AES128CMAC_GenerateFinal (sce_cmac_handle_t handle, uint8_t mac)

fsp_err_t	R_SCE_AES128CMAC_VerifyInit (sce_cmac_handle_t handle, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES128CMAC_VerifyUpdate (sce_cmac_handle_t handle, uint8_t message, uint32_t message_length)

fsp_err_t	R_SCE_AES128CMAC_VerifyFinal (sce_cmac_handle_t handle, uint8_t mac, uint32_t mac_length)

fsp_err_t	R_SCE_AES256CMAC_GenerateInit (sce_cmac_handle_t handle, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES256CMAC_GenerateUpdate (sce_cmac_handle_t handle, uint8_t message, uint32_t message_length)

fsp_err_t	R_SCE_AES256CMAC_GenerateFinal (sce_cmac_handle_t handle, uint8_t mac)

fsp_err_t	R_SCE_AES256CMAC_VerifyInit (sce_cmac_handle_t handle, sce_aes_wrapped_key_t wrapped_key)

fsp_err_t	R_SCE_AES256CMAC_VerifyUpdate (sce_cmac_handle_t handle, uint8_t message, uint32_t message_length)

fsp_err_t	R_SCE_AES256CMAC_VerifyFinal (sce_cmac_handle_t handle, uint8_t mac, uint32_t mac_length)

fsp_err_t	R_SCE_TLS_RootCertificateVerify (uint32_t public_key_type, uint8_t certificate, uint32_t certificate_length, uint32_t public_key_n_start_position, uint32_t public_key_n_end_position, uint32_t public_key_e_start_position, uint32_t public_key_e_end_position, uint8_t signature, uint32_t *encrypted_root_public_key)

fsp_err_t	R_SCE_TLS_CertificateVerify (uint32_t public_key_type, uint32_t encrypted_input_public_key, uint8_t certificate, uint32_t certificate_length, uint8_t signature, uint32_t public_key_n_start_position, uint32_t public_key_n_end_position, uint32_t public_key_e_start_position, uint32_t public_key_e_end_position, uint32_t encrypted_output_public_key)

fsp_err_t	R_SCE_TLS_PreMasterSecretGenerateForRSA2048 (uint32_t *sce_pre_master_secret)

fsp_err_t	R_SCE_TLS_MasterSecretGenerate (uint32_t select_cipher_suite, uint32_t sce_pre_master_secret, uint8_t client_random, uint8_t server_random, uint32_t sce_master_secret)

fsp_err_t	R_SCE_TLS_PreMasterSecretEncryptWithRSA2048 (uint32_t encrypted_public_key, uint32_t sce_pre_master_secret, uint8_t *encrypted_pre_master_secret)

fsp_err_t	R_SCE_TLS_SessionKeyGenerate (uint32_t select_cipher_suite, uint32_t sce_master_secret, uint8_t client_random, uint8_t server_random, uint8_t nonce_explicit, sce_hmac_sha_wrapped_key_t client_mac_wrapped_key, sce_hmac_sha_wrapped_key_t server_mac_wrapped_key, sce_aes_wrapped_key_t client_crypto_wrapped_key, sce_aes_wrapped_key_t server_crypto_wrapped_key, uint8_t client_initial_vector, uint8_t server_initial_vector)

fsp_err_t	R_SCE_TLS_VerifyDataGenerate (uint32_t select_verify_data, uint32_t sce_master_secret, uint8_t hand_shake_hash, uint8_t *verify_data)

fsp_err_t	R_SCE_TLS_ServerKeyExchangeVerify (uint32_t public_key_type, uint8_t client_random, uint8_t server_random, uint8_t server_ephemeral_ecdh_public_key, uint8_t server_key_exchange_signature, uint32_t encrypted_public_key, uint32_t encrypted_ephemeral_ecdh_public_key)

fsp_err_t	R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1 (uint32_t encrypted_public_key, sce_tls_p256_ecc_wrapped_key_t tls_p256_ecc_wrapped_key, uint32_t *sce_pre_master_secret)

Detailed Description

Driver for the Secure Crypto Engine (SCE9) on RA MCUs.

Overview

This module provides SCE functions in protected mode.

Note: For a detailed description of the different SCE9 operating modes, refer to Application Note R11AN0498.

HW Overview

Crypto Peripheral version	Devices
SCE9 (Protected mode)	RA4M2, RA4M3, RA6M4, RA6M5

Features

The SCE module supports for the following features.

Cryptography
- Symmetric Encryption/Decryption
  - AES
    - ECB 128/256bit
    - CBC 128/256bit
    - GCM 128/256bit
    - CCM 128/256bit
- Asymmetric Encryption/Decryption
  - RSA
    - RSAES-PKCS1-V1_5 1024/2048bit
    - RSAES-PKCS1-V1_5 3072/4096bit (Encryption only)
    - RSASSA-PKCS1-V1_5 1024/2048bit
    - RSASSA-PKCS1-V1_5 3072/4096bit (Verification only)
  - ECC
    - ECDSA secp192r1/secp224r1/secp256r1/secp384r1
    - ECDH secp256r1
- Hash Functions
  - SHA-2
    - SHA-256
Message Authentication Code
- HMAC-SHA256bit
- AES-CMAC 128/256bit
Key Support
- AES 128/256bit
- AES Key Wrap/Key Unwrap 128/256bit
- RSA 1024/2048bit
- RSA 3072/4096bit (public key only)
- ECC secp192r1/secp224r1/secp256r1/secp384r1
- HMAC-SHA256bit
TRNG
TLS
- SSL / TLS support function (TLS1.2 compliant)

Configuration

Clock Configuration

This module does not require a specific clock configuration.

Pin Configuration

This module does not use I/O pins.

Usage Notes

Getting Started: Creating a SCE Protected Mode Project

Start by creating a new project in e² studio or RASC. On the Stacks tab, add New > Security > SCE Protected Mode. For information on how to install and update secure keys, refer to the Application Note R11AN0496.

Reducing intialization time

The SCE intialization sequence can be modified to support a smaller subset of features and allow for a shorter intialization period. This is particularly useful in cases where startup time is important and the cryptographic features that are required are known in advance. The current fast boot configuration option supports the cryptographic primitives requried by MCUBoot including:

RSA 3K/4K signature verification
ECC P256 signature verification
SHA224/256 and GHASH calcuation

Limitations

Usage of R_SCE_ECDSA_secp384r1_SignatureGenerate/Verify

The SCE does not support SHA-384 in hardware, so the APIs listed below require the user to create a SHA-384 function for signature generation and verification. To use the APIs listed below, enable SCE_USER_SHA_384_ENABLED on RA Smart Configurator and prepare a function called SCE_USER_SHA_384_FUNCTION. The interface of SCE_USER_SHA_384_FUNCTION, which is called by the following APIs, is described below.

SCE_USER_SHA_384_FUNCTION()

uint32_t SCE_USER_SHA_384_FUNCTION(uint8_t *message, uint8_t* digest, uint32_t message_length)

SHA-384 hash calculation is performed for an area extending the number of bytes specified by the argument message_length from the address specified by the argument message. The calculation result should be stored at the address specified by the argument digest.

Parameters

message	[in] Start address of message
digest	[in,out] address for storing hash calculation result (48 bytes)
message_length	[in] Effective byte count of message

Return values

0	Hash value stored successfully.
others	Storing of hash value failed.

Examples

AES Example

This is an example of AES-256 encryption and decryption.

static uint8_t plain[BLOCK * 2] =
{
    0x52, 0x65, 0x6e, 0x65, 0x73, 0x61, 0x73, 0x20, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x72, 0x6f, 0x6e,
    0x69, 0x63, 0x73, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x00
};
void r_sce_example_aes ()
{
    sce_aes_handle_t      handle;
    sce_aes_wrapped_key_t wrapped_key;
    uint8_t               cipher_calculated[32] = {0};
    uint8_t               plain_calculated[32]  = {0};
    uint32_t              dummy;
    /* SCE power on */
    R_SCE_Open(&sce_ctrl, &sce_cfg);
    /* Generate a random key */
    R_SCE_AES256_WrappedKeyGenerate(&wrapped_key);
    /* Encrypt a plain text */
    R_SCE_AES256ECB_EncryptInit(&handle, &wrapped_key);
    R_SCE_AES256ECB_EncryptUpdate(&handle, plain, cipher_calculated, BLOCK * 2);
    R_SCE_AES256ECB_EncryptFinal(&handle, cipher_calculated, &dummy);
    /* Decrypt a cipher text using same key as Encryption */
    R_SCE_AES256ECB_DecryptInit(&handle, &wrapped_key);
    R_SCE_AES256ECB_DecryptUpdate(&handle, cipher_calculated, plain_calculated, BLOCK * 2);
    R_SCE_AES256ECB_DecryptFinal(&handle, plain_calculated, &dummy);
    /* SCE power off */
    R_SCE_Close(&sce_ctrl);
    /* Compare plain and plain_calculated */
    if (memcmp(plain, plain_calculated, BLOCK * 2))
    {
        while (1)
        {
            /* plain and plain_calculated are different (incorrect) */
        }
    }
    else
    {
        while (1)
        {
            /* plain and plain_calculated are the same (correct) */
        }
    }
}

ECC Example

This is an example of ECC secp-256 signature generate and verify.

uint8_t ecc256_data_msg[] =
{
    's', 'a', 'm', 'p', 'l', 'e'
};
void r_sce_example_ecc ()
{
    sce_ecc_wrapped_pair_key_t wrapped_pair_key;
    sce_ecdsa_byte_data_t      message_hash =
    {
        0
    };
    sce_ecdsa_byte_data_t signature;
    uint8_t               out_data[HW_SCE_ECDSA_DATA_BYTE_SIZE];
    fsp_err_t             return_code;
    message_hash.data_length = sizeof(ecc256_data_msg);
    message_hash.pdata       = (uint8_t *) ecc256_data_msg;
    signature.pdata          = out_data;
    /* SCE power on */
    R_SCE_Open(&sce_ctrl, &sce_cfg);
    /* Generate a random pair key */
    R_SCE_ECC_secp256r1_WrappedKeyPairGenerate(&wrapped_pair_key);
    /* Generate a Signature */
    R_SCE_ECDSA_secp256r1_SignatureGenerate(&message_hash, &signature, &wrapped_pair_key.priv_key);
    /* Verify Signature and Public wrapped key */
    return_code = R_SCE_ECDSA_secp256r1_SignatureVerify(&signature, &message_hash, &wrapped_pair_key.pub_key);
    /* SCE power off */
    R_SCE_Close(&sce_ctrl);
    if (FSP_SUCCESS != return_code)
    {
        while (1)
        {
            /* Verify Fail */
        }
    }
    else
    {
        while (1)
        {
            /* Verify Success */
        }
    }
}

RSA Example

This is an example of RSA-2048 encryption and decryption.

uint8_t rsa_msg[256] =
{
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
    0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
    0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
    0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
    0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
    0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
    0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
    0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
    0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
    0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
    0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
    0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
    0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
    0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
};
void r_sce_example_rsa () {
    sce_rsa2048_wrapped_pair_key_t wrapped_pair_key;
    sce_rsa_byte_data_t            plain;
    sce_rsa_byte_data_t            plain_dec;
    sce_rsa_byte_data_t            cipher;
    uint8_t enc_cipher[HW_SCE_RSA_2048_DATA_BYTE_SIZE];
    uint8_t dec_plain[HW_SCE_RSA_2048_DATA_BYTE_SIZE];
    plain.data_length     = sizeof(rsa_msg) - PADDING_MINIMUM_BYTE_SIZE;
    plain.pdata           = (uint8_t *) rsa_msg;
    plain_dec.data_length = sizeof(dec_plain);
    plain_dec.pdata       = dec_plain;
    cipher.data_length    = sizeof(enc_cipher);
    cipher.pdata          = enc_cipher;
    /* SCE power on */
    R_SCE_Open(&sce_ctrl, &sce_cfg);
    /* Generate a random key */
    R_SCE_RSA2048_WrappedKeyPairGenerate(&wrapped_pair_key);
    /* Encrypt a plain data */
    R_SCE_RSAES_PKCS2048_Encrypt(&plain, &cipher, &wrapped_pair_key.pub_key);
    /* Decrypt a plain data */
    R_SCE_RSAES_PKCS2048_Decrypt(&cipher, &plain_dec, &wrapped_pair_key.priv_key);
    /* SCE power off */
    R_SCE_Close(&sce_ctrl);
    /* Compare plain_dec and plain */
    if (0 != memcmp(plain_dec.pdata, plain.pdata, plain_dec.data_length))
    {
        while (1)
        {
            /* plain_dec and plain are different (incorrect) */
        }
    }
    else
    {
        while (1)
        {
            /* plain_dec and plain are the same (correct) */
        }
    }
}

HASH Example

This is an example of calculating the SHA256 hash.

uint8_t message[] =
{
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
};
uint8_t hash[] =
{
    0x63, 0x0d, 0xcd, 0x29, 0x66, 0xc4, 0x33, 0x66, 0x91, 0x12, 0x54, 0x48, 0xbb, 0xb2, 0x5b, 0x4f,
    0xf4, 0x12, 0xa4, 0x9c, 0x73, 0x2d, 0xb2, 0xc8, 0xab, 0xc1, 0xb8, 0x58, 0x1b, 0xd7, 0x10, 0xdd
};
void r_sce_example_hash ()
{
    sce_sha_md5_handle_t handle;
    uint8_t              digest[HW_SCE_SHA256_HASH_LENGTH_BYTE_SIZE] = {0};
    uint32_t             digest_length = 0;
    /* SCE power on */
    R_SCE_Open(&sce_ctrl, &sce_cfg);
    /* Encrypt a message text */
    R_SCE_SHA256_Init(&handle);
    R_SCE_SHA256_Update(&handle, &message, HW_SCE_SHA256_HASH_LENGTH_BYTE_SIZE);
    R_SCE_SHA256_Final(&handle, &digest, &digest_length);
    /* SCE power off */
    R_SCE_Close(&sce_ctrl);
    /* Compare digest and hash */
    if (0 != memcmp(digest, hash, digest_length))
    {
        while (1)
        {
            /* digest and hash are different (incorrect) */
        }
    }
    else
    {
        while (1)
        {
            /* digest and hash are the same (correct) */
        }
    }
}

Data Structures
struct	sce_instance_ctrl_t

Data Structure Documentation

◆ sce_instance_ctrl_t

struct sce_instance_ctrl_t

SCE private control block. DO NOT MODIFY. Initialization occurs when R_SCE_Open() is called.

Function Documentation

◆ R_SCE_RSASSA_PKCS1024_SignatureGenerate()

fsp_err_t R_SCE_RSASSA_PKCS1024_SignatureGenerate	(	sce_rsa_byte_data_t *	message_hash,
		sce_rsa_byte_data_t *	signature,
		sce_rsa1024_private_wrapped_key_t *	wrapped_key,
		uint8_t	hash_type
	)

The R_SCE_RSASSA_PKCS1024_SignatureGenerate() function generates, in accordance with RSASSA-PKCS1-V1_5, a signature from the message text or hash value that is input in the first argument, message_hash, using the private wrapped key input to the third argument, wrapped_key, and writes the signature text to the second argument, signature. When a message is specified in the first argument, message_hash->data_type, a hash value is calculated for the message as specified by the fourth argument, hash_type. When specifying a hash value in the first argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters

[in]	message_hash	Message or hash value to which to attach signature message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]	signature	Signature text storage destination information signature->pdata : Specifies pointer to array storing the signature text signature->data_length : data length
[in]	wrapped_key	Inputs the 1024-bit RSA private wrapped key.
[in]	hash_type	Only HW_SCE_RSA_HASH_SHA256 is supported

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS1024_SignatureVerify()

fsp_err_t R_SCE_RSASSA_PKCS1024_SignatureVerify	(	sce_rsa_byte_data_t *	signature,
		sce_rsa_byte_data_t *	message_hash,
		sce_rsa1024_public_wrapped_key_t *	wrapped_key,
		uint8_t	hash_type
	)

The R_SCE_RSASSA_PKCS1024_SignatureVerify() function verifies, in accordance with RSASSA-PKCS1-V1_5, the signature text input to the first argument signature, and the message text or hash value input to the second argument, message_hash, using the public wrapped key input to the third argument, wrapped_key. When a message is specified in the second argument, message_hash->data_type, a hash value is calculated using the public wrapped key input to the third argument, wrapped_key, and as specified by the fourth argument, hash_type. When specifying a hash value in the second argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters

[in]	signature	Signature text information to verify signature->pdata : Specifies pointer to array storing the signature text signature->data_length : Specifies effective data length of the array
[in]	message_hash	Message text or hash value to verify message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]	wrapped_key	Inputs the 1024-bit RSA public wrapped key.
[in]	hash_type	Only HW_SCE_RSA_HASH_SHA256 is supported

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Authentication failed
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS1024_Encrypt()

fsp_err_t R_SCE_RSAES_PKCS1024_Encrypt	(	sce_rsa_byte_data_t *	plain,
		sce_rsa_byte_data_t *	cipher,
		sce_rsa1024_public_wrapped_key_t *	wrapped_key
	)

The R_SCE_RSAES_PKCS1024_Encrypt() function RSA-encrypts the plaintext input to the first argument, plain, according to RSAES-PKCS1-V1_5. It writes the encryption result to the second argument, cipher.

Parameters

[in]	plain	plaintext plain->pdata : Specifies pointer to array containing plaintext. plain->data_length : Specifies valid data length of plaintext array. data size <= public key n size - 11
[in,out]	cipher	ciphertext cipher->pdata : Specifies pointer to array containing ciphertext. cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in]	wrapped_key	Inputs the 1024-bit RSA public wrapped key.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Incorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS1024_Decrypt()

fsp_err_t R_SCE_RSAES_PKCS1024_Decrypt	(	sce_rsa_byte_data_t *	cipher,
		sce_rsa_byte_data_t *	plain,
		sce_rsa1024_private_wrapped_key_t *	wrapped_key
	)

The R_SCE_RSAES_PKCS1024_Decrypt() function RSA-decrypts the ciphertext input to the first argument, cipher, according to RSAES-PKCS1-V1_5. It writes the decryption result to the second argument, plain.

Parameters

[in]	cipher	ciphertext cipher->pdata : Specifies pointer to array containing ciphertext. cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in,out]	plain	plaintext plain->pdata : Specifies pointer to array containing plaintext. plain->data_length : Inputs plaintext buffer size. The following size is required. Plaintext buffer size >= public key n size -11. Outputs valid data length after decryption (public key n size).
[in]	wrapped_key	Inputs the 1024-bit RSA private wrapped key.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Incorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS2048_SignatureGenerate()

fsp_err_t R_SCE_RSASSA_PKCS2048_SignatureGenerate	(	sce_rsa_byte_data_t *	message_hash,
		sce_rsa_byte_data_t *	signature,
		sce_rsa2048_private_wrapped_key_t *	wrapped_key,
		uint8_t	hash_type
	)

The R_SCE_RSASSA_PKCS2048_SignatureGenerate() function generates, in accordance with RSASSA-PKCS1-V1_5, a signature from the message text or hash value that is input in the first argument, message_hash, using the private wrapped key input to the third argument, wrapped_key, and writes the signature text to the second argument, signature. When a message is specified in the first argument, message_hash->data_type, a hash value is calculated for the message as specified by the fourth argument, hash_type. When specifying a hash value in the first argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters

[in]	message_hash	Message or hash value to which to attach signature message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]	signature	Signature text storage destination information signature->pdata : Specifies pointer to array storing the signature text signature->data_length : data length
[in]	wrapped_key	Inputs the 2048-bit RSA private wrapped key.
[in]	hash_type	Only HW_SCE_RSA_HASH_SHA256 is supported

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS2048_SignatureVerify()

fsp_err_t R_SCE_RSASSA_PKCS2048_SignatureVerify	(	sce_rsa_byte_data_t *	signature,
		sce_rsa_byte_data_t *	message_hash,
		sce_rsa2048_public_wrapped_key_t *	wrapped_key,
		uint8_t	hash_type
	)

The R_SCE_RSASSA_PKCS2048_SignatureVerify() function verifies, in accordance with RSASSA-PKCS1-V1_5, the signature text input to the first argument signature, and the message text or hash value input to the second argument, message_hash, using the public wrapped key input to the third argument, wrapped_key. When a message is specified in the second argument, message_hash->data_type, a hash value is calculated using the public wrapped key input to the third argument, wrapped_key, and as specified by the fourth argument, hash_type. When specifying a hash value in the second argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters

[in]	signature	Signature text information to verify signature->pdata : Specifies pointer to array storing the signature text signature->data_length : Specifies effective data length of the array
[in]	message_hash	Message text or hash value to verify message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]	wrapped_key	Inputs the 1024-bit RSA public wrapped key.
[in]	hash_type	Only HW_SCE_RSA_HASH_SHA256 is supported

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Authentication failed
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS3072_SignatureVerify()

fsp_err_t R_SCE_RSASSA_PKCS3072_SignatureVerify	(	sce_rsa_byte_data_t *	signature,
		sce_rsa_byte_data_t *	message_hash,
		sce_rsa3072_public_wrapped_key_t *	wrapped_key,
		uint8_t	hash_type
	)

The R_SCE_RSASSA_PKCS3072_SignatureVerify() function verifies, in accordance with RSASSA-PKCS1-V1_5, the signature text input to the first argument signature, and the message text or hash value input to the second argument, message_hash, using the public wrapped key input to the third argument, wrapped_key. When a message is specified in the second argument, message_hash->data_type, a hash value is calculated using the public wrapped key input to the third argument, wrapped_key, and as specified by the fourth argument, hash_type. When specifying a hash value in the second argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters

[in]	signature	Signature text information to verify signature->pdata : Specifies pointer to array storing the signature text signature->data_length : Specifies effective data length of the array
[in]	message_hash	Message text or hash value to verify message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]	wrapped_key	Inputs the 3072-bit RSA public wrapped key.
[in]	hash_type	Only HW_SCE_RSA_HASH_SHA256 is supported

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Authentication failed
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS4096_SignatureVerify()

fsp_err_t R_SCE_RSASSA_PKCS4096_SignatureVerify	(	sce_rsa_byte_data_t *	signature,
		sce_rsa_byte_data_t *	message_hash,
		sce_rsa4096_public_wrapped_key_t *	wrapped_key,
		uint8_t	hash_type
	)

The R_SCE_RSASSA_PKCS4096_SignatureVerify() function verifies, in accordance with RSASSA-PKCS1-V1_5, the signature text input to the first argument signature, and the message text or hash value input to the second argument, message_hash, using the public wrapped key input to the third argument, wrapped_key. When a message is specified in the second argument, message_hash->data_type, a hash value is calculated using the public wrapped key input to the third argument, wrapped_key, and as specified by the fourth argument, hash_type. When specifying a hash value in the second argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters

[in]	signature	Signature text information to verify signature->pdata : Specifies pointer to array storing the signature text signature->data_length : Specifies effective data length of the array
[in]	message_hash	Message text or hash value to verify message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]	wrapped_key	Inputs the 1024-bit RSA public wrapped key.
[in]	hash_type	Only HW_SCE_RSA_HASH_SHA256 is supported

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Authentication failed
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS2048_Encrypt()

fsp_err_t R_SCE_RSAES_PKCS2048_Encrypt	(	sce_rsa_byte_data_t *	plain,
		sce_rsa_byte_data_t *	cipher,
		sce_rsa2048_public_wrapped_key_t *	wrapped_key
	)

The R_SCE_RSAES_PKCS2048_Encrypt() function RSA-encrypts the plaintext input to the first argument, plain, according to RSAES-PKCS1-V1_5. It writes the encryption result to the second argument, cipher.

Parameters

[in]	plain	plaintext plain->pdata : Specifies pointer to array containing plaintext. plain->data_length : Specifies valid data length of plaintext array. data size <= public key n size - 11
[in,out]	cipher	ciphertext cipher->pdata : Specifies pointer to array containing ciphertext. cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in]	wrapped_key	Inputs the 2048-bit RSA public wrapped key.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Incorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS2048_Decrypt()

fsp_err_t R_SCE_RSAES_PKCS2048_Decrypt	(	sce_rsa_byte_data_t *	cipher,
		sce_rsa_byte_data_t *	plain,
		sce_rsa2048_private_wrapped_key_t *	wrapped_key
	)

The R_SCE_RSAES_PKCS2048_Decrypt() function RSA-decrypts the ciphertext input to the first argument, cipher, according to RSAES-PKCS1-V1_5. It writes the decryption result to the second argument, plain.

Parameters

[in]	cipher	ciphertext cipher->pdata : Specifies pointer to array containing ciphertext. cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in,out]	plain	plaintext plain->pdata : Specifies pointer to array containing plaintext. plain->data_length : Inputs plaintext buffer size. The following size is required. Plaintext buffer size >= public key n size -11. Outputs valid data length after decryption (public key n size).
[in]	wrapped_key	Inputs the 1024-bit RSA private wrapped key.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Incorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS3072_Encrypt()

fsp_err_t R_SCE_RSAES_PKCS3072_Encrypt	(	sce_rsa_byte_data_t *	plain,
		sce_rsa_byte_data_t *	cipher,
		sce_rsa3072_public_wrapped_key_t *	wrapped_key
	)

The R_SCE_RSAES_PKCS3072_Encrypt() function RSA-encrypts the plaintext input to the first argument, plain, according to RSAES-PKCS1-V1_5. It writes the encryption result to the second argument, cipher.

Parameters

[in]	plain	plaintext plain->pdata : Specifies pointer to array containing plaintext. plain->data_length : Specifies valid data length of plaintext array. data size <= public key n size - 11
[in,out]	cipher	ciphertext cipher->pdata : Specifies pointer to array containing ciphertext. cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in]	wrapped_key	Inputs the 3072-bit RSA public wrapped key.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Incorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS4096_Encrypt()

fsp_err_t R_SCE_RSAES_PKCS4096_Encrypt	(	sce_rsa_byte_data_t *	plain,
		sce_rsa_byte_data_t *	cipher,
		sce_rsa4096_public_wrapped_key_t *	wrapped_key
	)

The R_SCE_RSAES_PKCS4096_Encrypt() function RSA-encrypts the plaintext input to the first argument, plain, according to RSAES-PKCS1-V1_5. It writes the encryption result to the second argument, cipher.

Parameters

[in]	plain	plaintext plain->pdata : Specifies pointer to array containing plaintext. plain->data_length : Specifies valid data length of plaintext array. data size <= public key n size - 11
[in,out]	cipher	ciphertext cipher->pdata : Specifies pointer to array containing ciphertext. cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in]	wrapped_key	Inputs the 4096-bit RSA public wrapped key.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Incorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256_Init()

fsp_err_t R_SCE_SHA256_Init ( sce_sha_md5_handle_t * handle )

The R_SCE_SHA256_Init() function performs preparations for the execution of an SHA-256 hash calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_SHA256_Update() function and R_SCE_SHA256_Final() function.

Parameters

[in,out] handle SHA handler (work area)

Return values

FSP_SUCCESS Normal termination

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256_Update()

fsp_err_t R_SCE_SHA256_Update	(	sce_sha_md5_handle_t *	handle,
		uint8_t *	message,
		uint32_t	message_length
	)

The R_SCE_SHA256_Update() function calculates a hash value based on the second argument, message, and the third argument, message_length, and writes the ongoing status to the first argument, handle. After message input is completed, call R_SCE_SHA256_Final().

Parameters

[in,out]	handle	SHA handler (work area)
[in]	message	message data area
[in]	message_length	message data length

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256_Final()

fsp_err_t R_SCE_SHA256_Final	(	sce_sha_md5_handle_t *	handle,
		uint8_t *	digest,
		uint32_t *	digest_length
	)

Using the handle specified in the first argument, handle, the R_SCE_SHA256_Final() function writes the calculation result to the second argument, digest, and writes the length of the calculation result to the third argument, digest_length.

Parameters

[in,out]	handle	SHA handler (work area)
[in,out]	digest	hasha data area
[in,out]	digest_length	hash data length (32bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_GenerateInit()

fsp_err_t R_SCE_SHA256HMAC_GenerateInit	(	sce_hmac_sha_handle_t *	handle,
		sce_hmac_sha_wrapped_key_t *	wrapped_key
	)

The R_SCE_SHA256HMAC_GenerateInit() function uses the second argument wrapped_key to prepare for execution of SHA256-HMAC calculation, then writes the result to the first argument handle. The argument handle is used by the subsequent R_SCE_SHA256HMAC_GenerateUpdate() function or R_SCE_SHA256HMAC_GenerateFinal() function.

Parameters

[in,out]	handle	SHA-HMAC handler (work area)
[in]	wrapped_key	MAC wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	An invalid MAC wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_GenerateUpdate()

fsp_err_t R_SCE_SHA256HMAC_GenerateUpdate	(	sce_hmac_sha_handle_t *	handle,
		uint8_t *	message,
		uint32_t	message_length
	)

The R_SCE_SHA256HMAC_GenerateUpdate() function uses the handle specified by the first argument handle, calculates a hash value from the second argument message and third argument message_length, then writes the intermediate result to the first argument handle. After message input finishes, call the R_SCE_SHA256HMAC_GenerateFinal() function.

Parameters

[in,out]	handle	SHA-HMAC handle (work area)
[in]	message	Message area
[in]	message_length	Message length

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_GenerateFinal()

fsp_err_t R_SCE_SHA256HMAC_GenerateFinal	(	sce_hmac_sha_handle_t *	handle,
		uint8_t *	mac
	)

The R_SCE_SHA256HMAC_GenerateFinal() function uses the handle specified by the first argument handle and writes the calculation result to the second argument mac.

Parameters

[in,out]	handle	SHA-HMAC handle (work area)
[in,out]	mac	HMAC area (32 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_VerifyInit()

fsp_err_t R_SCE_SHA256HMAC_VerifyInit	(	sce_hmac_sha_handle_t *	handle,
		sce_hmac_sha_wrapped_key_t *	wrapped_key
	)

The R_SCE_SHA256HMAC_VerifyInit() function uses the second argument wrapped_key to prepare for execution of SHA256-HMAC calculation, then writes the result to the first argument handle. The argument handle is used by the subsequent R_SCE_SHA256HMAC_VerifyUpdate() function or R_SCE_SHA256HMAC_VerifyFinal() function.

Parameters

[in,out]	handle	SHA-HMAC handler (work area)
[in]	wrapped_key	MAC wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	An invalid MAC wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_VerifyUpdate()

fsp_err_t R_SCE_SHA256HMAC_VerifyUpdate	(	sce_hmac_sha_handle_t *	handle,
		uint8_t *	message,
		uint32_t	message_length
	)

The R_SCE_SHA256HMAC_VerifyUpdate() function uses the handle specified by the first argument handle, calculates a hash value from the second argument message and third argument message_length, then writes the intermediate result to the first argument handle. After message input finishes, call the R_SCE_SHA256HMAC_VerifyFinal() function.

Parameters

[in,out]	handle	SHA-HMAC handle (work area)
[in]	message	Message area
[in]	message_length	Message length

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_VerifyFinal()

fsp_err_t R_SCE_SHA256HMAC_VerifyFinal	(	sce_hmac_sha_handle_t *	handle,
		uint8_t *	mac,
		uint32_t	mac_length
	)

The R_SCE_SHA256HMAC_VerifyFinal() function uses the handle specified by the first argument handle and verifies the mac value from the second argument mac and third argument mac_length. Input a value in bytes from 4 to 32 as mac_length.

Parameters

[in,out]	handle	SHA-HMAC handle (work area)
[in]	mac	HMAC area
[in]	mac_length	HMAC length

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_Open()

fsp_err_t R_SCE_Open	(	sce_ctrl_t *const	p_ctrl,
		sce_cfg_t const *const	p_cfg
	)

Enables use of SCE functionality.

Parameters

[in]	p_ctrl	Pointer to control structure.
[in]	p_cfg	Pointer to pin configuration structure.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	The error-detection self-test failed to terminate normally.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_RETRY	Indicates that an entropy evaluation failure occurred. Run the function again.

Returns: See Common Error Codes or functions called by this function for other possible return codes.

Note: The valid pre-run state is SCE disabled. The pre-run state is SCE Disabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_Close()

fsp_err_t R_SCE_Close ( sce_ctrl_t *const p_ctrl )

Stops supply of power to the SCE.

Parameters

[in] p_ctrl Pointer to control structure.

Return values

FSP_SUCCESS Normal termination

Note: The pre-run state is any state. After the function runs the state transitions to SCE Disabled State.

◆ R_SCE_SoftwareReset()

fsp_err_t R_SCE_SoftwareReset ( void )

Software reset to SCE.

Reverts the state to the SCE initial state.

Return values

FSP_SUCCESS Normal termination

Note: The pre-run state is any state. After the function runs the state transitions to SCE Disabled State.

◆ R_SCE_RandomNumberGenerate()

fsp_err_t R_SCE_RandomNumberGenerate ( uint32_t * random )

This API can generate 4 words random number.

Parameters

[in,out] random Stores 4words (16 bytes) random data.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128_WrappedKeyGenerate()

fsp_err_t R_SCE_AES128_WrappedKeyGenerate ( sce_aes_wrapped_key_t * wrapped_key )

This API outputs 128-bit AES wrapped key from a random number.

This API generates a wrapped key from a random number in the SCE. Accordingly, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.

Parameters

[in,out] wrapped_key 128-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Disabled State.

◆ R_SCE_AES256_WrappedKeyGenerate()

fsp_err_t R_SCE_AES256_WrappedKeyGenerate ( sce_aes_wrapped_key_t * wrapped_key )

This API outputs 256-bit AES wrapped key from a random number.

This API generates a wrapped key from a random number in the SCE. Accordingly, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.

Parameters

[in,out] wrapped_key 256-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Disabled State.

◆ R_SCE_AES128_EncryptedKeyWrap()

fsp_err_t R_SCE_AES128_EncryptedKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_aes_wrapped_key_t *	wrapped_key
	)

This API wraps 128-bit AES key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	128-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256_EncryptedKeyWrap()

fsp_err_t R_SCE_AES256_EncryptedKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_aes_wrapped_key_t *	wrapped_key
	)

This API wraps 256-bit AES key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	256-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128_RFC3394KeyWrap()

fsp_err_t R_SCE_AES128_RFC3394KeyWrap	(	sce_aes_wrapped_key_t *	master_key,
		uint32_t	target_key_type,
		sce_aes_wrapped_key_t *	target_key,
		uint32_t *	rfc3394_wrapped_key
	)

This API wraps 128-bit AES key within the user routine.

Parameters

[in]	master_key	AES-128 key used for wrapping.
[in]	target_key_type	Selects key to be wrapped.
[in]	target_key	Key to be wrapped.
[out]	rfc3394_wrapped_key	Wrapped key.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	Resource conflict.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal user Key Generation Information.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

◆ R_SCE_AES256_RFC3394KeyWrap()

fsp_err_t R_SCE_AES256_RFC3394KeyWrap	(	sce_aes_wrapped_key_t *	master_key,
		uint32_t	target_key_type,
		sce_aes_wrapped_key_t *	target_key,
		uint32_t *	rfc3394_wrapped_key
	)

This API wraps 256-bit AES key within the user routine.

Parameters

[in]	master_key	AES-256 key used for wrapping.
[in]	target_key_type	Selects key to be wrapped.
[in]	target_key	Key to be wrapped.
[out]	rfc3394_wrapped_key	Wrapped key.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	Resource conflict.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal user Key Generation Information.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

◆ R_SCE_AES128_RFC3394KeyUnwrap()

fsp_err_t R_SCE_AES128_RFC3394KeyUnwrap	(	sce_aes_wrapped_key_t *	master_key,
		uint32_t	target_key_type,
		uint32_t *	rfc3394_wrapped_key,
		sce_aes_wrapped_key_t *	target_key
	)

This API unwraps 128-bit AES key within the user routine.

Parameters

[in]	master_key	AES-128 key used for unwrapping.
[in]	target_key_type	Selects key to be unwrapped.
[in]	rfc3394_wrapped_key	Wrapped key.
[out]	target_key	Key to be unwrapped.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	Resource conflict.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal user Key Generation Information.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

◆ R_SCE_AES256_RFC3394KeyUnwrap()

fsp_err_t R_SCE_AES256_RFC3394KeyUnwrap	(	sce_aes_wrapped_key_t *	master_key,
		uint32_t	target_key_type,
		uint32_t *	rfc3394_wrapped_key,
		sce_aes_wrapped_key_t *	target_key
	)

This API unwraps 256-bit AES key within the user routine.

Parameters

[in]	master_key	AES-256 key used for unwrapping.
[in]	target_key_type	Selects key to be unwrapped.
[in]	rfc3394_wrapped_key	Wrapped key.
[out]	target_key	Key to be unwrapped.

Return values

FSP_SUCCESS	Normal termination.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	Resource conflict.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal user Key Generation Information.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

◆ R_SCE_SHA256HMAC_EncryptedKeyWrap()

fsp_err_t R_SCE_SHA256HMAC_EncryptedKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_hmac_sha_wrapped_key_t *	wrapped_key
	)

This API wraps HMAC-SHA256 key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	HMAC-SHA256 wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA1024_WrappedKeyPairGenerate()

fsp_err_t R_SCE_RSA1024_WrappedKeyPairGenerate ( sce_rsa1024_wrapped_pair_key_t * wrapped_pair_key )

This API outputs a wrapped key pair for a 1024-bit RSA public key and private key pair. These keys are generated from a random value produced internally by the SCE. Consequently, there is no need to input a user key. Dead copying of data can be prevented by encrypting the data using the wrapped key output by this API. A public wrapped key is generated by wrapped_pair_key->pub_key, and a private wrapped key is generated by wrapped_pair_key->priv_key. As the public key exponent, only 0x00010001 is generated.

Parameters

[in,out] wrapped_pair_key User key index for RSA 1024-bit public key and private key pair

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred. Key generation failed.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA2048_WrappedKeyPairGenerate()

fsp_err_t R_SCE_RSA2048_WrappedKeyPairGenerate ( sce_rsa2048_wrapped_pair_key_t * wrapped_pair_key )

This API outputs a wrapped key pair for a 2048-bit RSA public key and private key pair. These keys are generated from a random value produced internally by the SCE. Consequently, there is no need to input a user key. Dead copying of data can be prevented by encrypting the data using the wrapped key output by this API. A public wrapped key is generated by wrapped_pair_key->pub_key, and a private wrapped key is generated by wrapped_pair_key->priv_key. As the public key exponent, only 0x00010001 is generated.

Parameters

[in,out] wrapped_pair_key User key index for RSA 2048-bit public key and private key pair

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred. Key generation failed.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA1024_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_RSA1024_EncryptedPublicKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_rsa1024_public_wrapped_key_t *	wrapped_key
	)

This API wraps 1024-bit RSA public key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	1024-bit RSA public wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA1024_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_RSA1024_EncryptedPrivateKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_rsa1024_private_wrapped_key_t *	wrapped_key
	)

This API wraps 1024-bit RSA private key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	1024-bit RSA private wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA2048_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_RSA2048_EncryptedPublicKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_rsa2048_public_wrapped_key_t *	wrapped_key
	)

This API wraps 2048-bit RSA public key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	1024-bit RSA public wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA2048_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_RSA2048_EncryptedPrivateKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_rsa2048_private_wrapped_key_t *	wrapped_key
	)

This API wraps 2048-bit RSA private key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	2048-bit RSA private wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA3072_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_RSA3072_EncryptedPublicKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_rsa3072_public_wrapped_key_t *	wrapped_key
	)

This API wraps 3072-bit RSA public key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	3072-bit RSA public wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA4096_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_RSA4096_EncryptedPublicKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_rsa4096_public_wrapped_key_t *	wrapped_key
	)

This API wraps 4096-bit RSA public key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	1024-bit RSA public wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp192r1_WrappedKeyPairGenerate()

fsp_err_t R_SCE_ECC_secp192r1_WrappedKeyPairGenerate ( sce_ecc_wrapped_pair_key_t * wrapped_pair_key )

This is an API for outputting a wrapped key pair for secp192r1 public key and private key pair. These keys are generated from a random number value internally within the SCE. There is therefore no need to input user keys. It is possible to prevent dead copying of data by using the wrapped key output by this API to encrypt the data. The public key index is generated in wrapped_pair_key->pub_key, and the private key index is generated in wrapped_pair_key->priv_key.

Parameters

[in,out] wrapped_pair_key Wrapped pair key for secp192r1 public key and private key pair

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp224r1_WrappedKeyPairGenerate()

fsp_err_t R_SCE_ECC_secp224r1_WrappedKeyPairGenerate ( sce_ecc_wrapped_pair_key_t * wrapped_pair_key )

This is an API for outputting a wrapped key pair for secp224r1 public key and private key pair. These keys are generated from a random number value internally within the SCE. There is therefore no need to input user keys. It is possible to prevent dead copying of data by using the wrapped key output by this API to encrypt the data. The public key index is generated in wrapped_pair_key->pub_key, and the private key index is generated in wrapped_pair_key->priv_key.

Parameters

[in,out] wrapped_pair_key Wrapped pair key for secp224r1 public key and private key pair

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp256r1_WrappedKeyPairGenerate()

fsp_err_t R_SCE_ECC_secp256r1_WrappedKeyPairGenerate ( sce_ecc_wrapped_pair_key_t * wrapped_pair_key )

This is an API for outputting a wrapped key pair for secp256r1 public key and private key pair. These keys are generated from a random number value internally within the SCE. There is therefore no need to input user keys. It is possible to prevent dead copying of data by using the wrapped key output by this API to encrypt the data. The public key index is generated in wrapped_pair_key->pub_key, and the private key index is generated in wrapped_pair_key->priv_key.

Parameters

[in,out] wrapped_pair_key Wrapped pair key for secp256r1 public key and private key pair

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp384r1_WrappedKeyPairGenerate()

fsp_err_t R_SCE_ECC_secp384r1_WrappedKeyPairGenerate ( sce_ecc_wrapped_pair_key_t * wrapped_pair_key )

This is an API for outputting a wrapped key pair for secp384r1 public key and private key pair. These keys are generated from a random number value internally within the SCE. There is therefore no need to input user keys. It is possible to prevent dead copying of data by using the wrapped key output by this API to encrypt the data. The public key index is generated in wrapped_pair_key->pub_key, and the private key index is generated in wrapped_pair_key->priv_key.

Parameters

[in,out] wrapped_pair_key Wrapped pair key for secp384r1 public key and private key pair

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp192r1_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_ECC_secp192r1_EncryptedPublicKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

This API wraps secp192r1 public key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	secp192r1 public wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp224r1_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_ECC_secp224r1_EncryptedPublicKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

This API wraps secp224r1 public key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	secp224r1 public wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp256r1_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_ECC_secp256r1_EncryptedPublicKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

This API wraps secp256r1 public key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	secp256r1 public wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp384r1_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_ECC_secp384r1_EncryptedPublicKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

This API wraps secp384r1 public key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	secp384r1 public wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp192r1_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_ECC_secp192r1_EncryptedPrivateKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_ecc_private_wrapped_key_t *	wrapped_key
	)

This API wraps secp192r1 private key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	secp192r1 private wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp224r1_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_ECC_secp224r1_EncryptedPrivateKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_ecc_private_wrapped_key_t *	wrapped_key
	)

This API wraps secp224r1 private key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	secp224r1 private wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp256r1_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_ECC_secp256r1_EncryptedPrivateKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_ecc_private_wrapped_key_t *	wrapped_key
	)

This API wraps secp256r1 private key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	secp256r1 private wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp384r1_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_ECC_secp384r1_EncryptedPrivateKeyWrap	(	uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_key_update_key_t *	key_update_key,
		sce_ecc_private_wrapped_key_t *	wrapped_key
	)

This API wraps secp384r1 private key within the user routine.

Parameters

[in]	initial_vector	Initialization vector when generating encrypted_key
[in]	encrypted_key	User key encryptedand MAC appended
[in]	key_update_key	Key update keyring
[in,out]	wrapped_key	secp384r1 private wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall()

fsp_err_t R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall	(	uint8_t *	encrypted_provisioning_key,
		uint8_t *	initial_vector,
		uint8_t *	encrypted_key,
		sce_tls_ca_certification_public_wrapped_key_t *	wrapped_key
	)

Generate TLS RSA Public key index data

Parameters

[in]	encrypted_provisioning_key	the provisioning key includes encrypted CBC/CBC-MAC key for user key
[in]	initial_vector	the initial_vector for user key CBC encrypt
[in]	encrypted_key	the user key encrypted with AES128-ECB mode
[out]	wrapped_key	the user Key Generation Information (141 words) of RSA2048 bit

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate()

fsp_err_t R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate	(	sce_tls_p256_ecc_wrapped_key_t *	tls_p256_ecc_wrapped_key,
		uint8_t *	ephemeral_ecdh_public_key
	)

Generate TLS ECC key pair

Parameters

[in]	tls_p256_ecc_wrapped_key	P256 ECC key index for TLS
[in]	ephemeral_ecdh_public_key	ephemeral ECDH public key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp192r1_SignatureGenerate()

fsp_err_t R_SCE_ECDSA_secp192r1_SignatureGenerate	(	sce_ecdsa_byte_data_t *	message_hash,
		sce_ecdsa_byte_data_t *	signature,
		sce_ecc_private_wrapped_key_t *	wrapped_key
	)

When a message is specified in the first argument, message_hash->data_type, a SHA-256 hash of the message text input as the first argument, message_hash->pdata, is calculated, and the signature text is written to the second argument, signature, in accordance with secp192r1 using the private wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the first argument, message_hash->data_type, the signature text for the first 24 bytes of the SHA-256 hash value input to the first argument, message_hash->pdata, is written to the second argument, signature, in accordance with secp192r1 using the private wrapped key input as the third argument, wrapped_key.

Parameters

[in]	message_hash	Message or hash value to which to attach signature message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]	signature	Signature text storage destination information signature->pdata : Specifies pointer to array storing signature text The signature format is "0 padding (64 bits) \|\| signature r (192 bits) \|\| 0 padding (64 bits) \|\| signature s (192 bits)". signature->data_length : Data length (byte units)
[in]	wrapped_key	Input wrapped key of secp192r1 private key.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp224r1_SignatureGenerate()

fsp_err_t R_SCE_ECDSA_secp224r1_SignatureGenerate	(	sce_ecdsa_byte_data_t *	message_hash,
		sce_ecdsa_byte_data_t *	signature,
		sce_ecc_private_wrapped_key_t *	wrapped_key
	)

When a message is specified in the first argument, message_hash->data_type, a SHA-256 hash of the message text input as the first argument, message_hash->pdata, is calculated, and the signature text is written to the second argument, signature, in accordance with secp224r1 using the private wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the first argument, message_hash->data_type, the signature text for the first 28 bytes of the SHA-256 hash value input to the first argument, message_hash->pdata, is written to the second argument, signature, in accordance with secp224r1 using the private wrapped key input as the third argument, wrapped_key.

Parameters

[in]	message_hash	Message or hash value to which to attach signature message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]	signature	Signature text storage destination information signature->pdata : Specifies pointer to array storing signature text The signature format is "0 padding (32 bits) \|\| signature r (224 bits) \|\| 0 padding (32 bits) \|\| signature s (224 bits)". signature->data_length : Data length (byte units)
[in]	wrapped_key	Input wrapped key of secp224r1 private key.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp256r1_SignatureGenerate()

fsp_err_t R_SCE_ECDSA_secp256r1_SignatureGenerate	(	sce_ecdsa_byte_data_t *	message_hash,
		sce_ecdsa_byte_data_t *	signature,
		sce_ecc_private_wrapped_key_t *	wrapped_key
	)

When a message is specified in the first argument, message_hash->data_type, a SHA-256 hash of the message text input as the first argument, message_hash->pdata, is calculated, and the signature text is written to the second argument, signature, in accordance with secp256r1 using the private wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the first argument, message_hash->data_type, the signature text for the first 32 bytes of the SHA-256 hash value input to the first argument, message_hash->pdata, is written to the second argument, signature, in accordance with secp256r1 using the private wrapped key input as the third argument, wrapped_key.

Parameters

[in]	message_hash	Message or hash value to which to attach signature message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]	signature	Signature text storage destination information signature->pdata : Specifies pointer to array storing signature text The signature format is "signature r (256 bits) \|\| signature s (256 bits)". signature->data_length : Data length (byte units)
[in]	wrapped_key	Input wrapped key of secp256r1 private key.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp384r1_SignatureGenerate()

fsp_err_t R_SCE_ECDSA_secp384r1_SignatureGenerate	(	sce_ecdsa_byte_data_t *	message_hash,
		sce_ecdsa_byte_data_t *	signature,
		sce_ecc_private_wrapped_key_t *	wrapped_key
	)

When a message is specified in the first argument, message_hash->data_type, a SHA-384 hash of the message text input as the first argument, message_hash->pdata, is calculated, and the signature text is written to the second argument, signature, in accordance with secp384r1 using the private wrapped key input as the third argument, wrapped_key.

To use message input, prepare a user-defined function for SHA384.

When a hash value is specified in the first argument, message_hash->data_type, the signature text for the first 48 bytes of the SHA-384 hash value input to the first argument, message_hash->pdata, is written to the second argument, signature, in accordance with secp384r1 using the private wrapped key input as the third argument, wrapped_key.

Parameters

[in]	message_hash	Message or hash value to which to attach signature message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]	signature	Signature text storage destination information signature->pdata : Specifies pointer to array storing signature text The signature format is "signature r (384 bits) \|\| signature s (384 bits)". signature->data_length : Data length (byte units)
[in]	wrapped_key	Input wrapped key of secp384r1 private key.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp192r1_SignatureVerify()

fsp_err_t R_SCE_ECDSA_secp192r1_SignatureVerify	(	sce_ecdsa_byte_data_t *	signature,
		sce_ecdsa_byte_data_t *	message_hash,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

When a message is specified in the second argument, message_hash->data_type, a SHA-256 hash of the message text input as the second argument, message_hash->pdata, is calculated, and the signature text input to the first argument, signature, is validated in accordance with secp192r1 using the public wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the second argument, message_hash->data_type, the signature text for the first 24 bytes of the SHA-256 hash value input to the second argument, message_hash->pdata, input to the first argument, signature, is validated in accordance with secp192r1 using the public wrapped key input as the third argument, wrapped_key.

Parameters

[in]	signature	Signature text information to be verified signature->pdata : Specifies pointer to array storing signature text The signature format is "0 padding (64 bits) \|\| signature r (192 bits) \|\| 0 padding (64 bits) \|\| signature s (192 bits)". signature->data_length : Specifies the data length (byte units) (nonuse)
[in,out]	message_hash	Message or hash value to be verified message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]	wrapped_key	Input wrapped key of secp192r1 public key.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp224r1_SignatureVerify()

fsp_err_t R_SCE_ECDSA_secp224r1_SignatureVerify	(	sce_ecdsa_byte_data_t *	signature,
		sce_ecdsa_byte_data_t *	message_hash,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

When a message is specified in the second argument, message_hash->data_type, a SHA-256 hash of the message text input as the second argument, message_hash->pdata, is calculated, and the signature text input to the first argument, signature, is validated in accordance with secp224r1 using the public wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the second argument, message_hash->data_type, the signature text for the first 28 bytes of the SHA-256 hash value input to the second argument, message_hash->pdata, input to the first argument, signature, is validated in accordance with secp224r1 using the public wrapped key input as the third argument, wrapped_key.

Parameters

[in]	signature	Signature text information to be verified signature->pdata : Specifies pointer to array storing signature text The signature format is "0 padding (32 bits) \|\| signature r (224 bits) \|\| 0 padding (32 bits) \|\| signature s (224 bits)". signature->data_length : Specifies the data length (byte units) (nonuse)
[in,out]	message_hash	Message or hash value to be verified message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]	wrapped_key	Input wrapped key of secp224r1 public key.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp256r1_SignatureVerify()

fsp_err_t R_SCE_ECDSA_secp256r1_SignatureVerify	(	sce_ecdsa_byte_data_t *	signature,
		sce_ecdsa_byte_data_t *	message_hash,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

When a message is specified in the second argument, message_hash->data_type, a SHA-256 hash of the message text input as the second argument, message_hash->pdata, is calculated, and the signature text input to the first argument, signature, is validated in accordance with secp256r1 using the public wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the second argument, message_hash->data_type, the signature text for the first 32 bytes of the SHA-256 hash value input to the second argument, message_hash->pdata, input to the first argument, signature, is validated in accordance with secp256r1 using the public wrapped key input as the third argument, wrapped_key.

Parameters

[in]	signature	Signature text information to be verified signature->pdata : Specifies pointer to array storing signature text The signature format is "signature r (256 bits) \|\| signature s (256 bits)". signature->data_length : Specifies the data length (byte units) (nonuse)
[in,out]	message_hash	Message or hash value to be verified message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]	wrapped_key	Input wrapped key of secp256r1 public key.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp384r1_SignatureVerify()

fsp_err_t R_SCE_ECDSA_secp384r1_SignatureVerify	(	sce_ecdsa_byte_data_t *	signature,
		sce_ecdsa_byte_data_t *	message_hash,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

When a message is specified in the second argument, message_hash->data_type, a SHA-256 hash of the message text input as the second argument, message_hash->pdata, is calculated, and the signature text input to the first argument, signature, is validated in accordance with secp384r1 using the public wrapped key input as the third argument, wrapped_key.

To use message input, prepare a user-defined function for SHA384.

When a hash value is specified in the second argument, message_hash->data_type, the signature text for the first 48 bytes of the SHA-256 hash value input to the second argument, message_hash->pdata, input to the first argument, signature, is validated in accordance with secp384r1 using the public wrapped key input as the third argument, wrapped_key.

Parameters

[in]	signature	Signature text information to be verified signature->pdata : Specifies pointer to array storing signature text The signature format is "signature r (384 bits) \|\| signature s (384 bits)". signature->data_length : Specifies the data length (byte units) (nonuse)
[in,out]	message_hash	Message or hash value to be verified message_hash->pdata : Specifies pointer to array storing the message or hash value message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected) message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]	wrapped_key	Input wrapped key of secp384r1 public key.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_Init()

fsp_err_t R_SCE_ECDH_secp256r1_Init	(	sce_ecdh_handle_t *	handle,
		uint32_t	key_type,
		uint32_t	use_key_id
	)

The R_SCE_ECDH_secp256r1_Init() function prepares to perform ECDH key exchange computation and writes the result to the first argument, handle. The succeeding functions R_SCE_ECDH_secp256r1_PublicKeySign(), R_SCE_ECDH_secp256r1_PublicKeyVerify(), R_SCE_ECDH_secp256r1_SharedSecretCalculate(), and R_SCE_ECDH_secp256r1_KeyDerivation() use handle as an argument.

Use the second argument, key_type, to select the type of ECDH key exchange. When ECDHE is selected, the R_SCE_ECDH_secp256r1_PublicKeySign() function uses the SCE's random number generation functionality to generate an secp256r1 key pair. When ECDH is selected, keys installed beforehand are used for key exchange.

Input 1 as the third argument, use_key_id, to use key_id when key exchange is performed. key_id is for applications conforming to the DLMS/COSEM standard for smart meters.

Parameters

[in,out]	handle	ECDH handler (work area)
[in]	key_type	Key exchange type (0: ECDHE, 1: ECDH, 2:ECDH(AES-GCM-128 with IV))
[in]	use_key_id	0: key_id not used, 1: key_id used

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is invalid.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_PublicKeySign()

fsp_err_t R_SCE_ECDH_secp256r1_PublicKeySign	(	sce_ecdh_handle_t *	handle,
		sce_ecc_public_wrapped_key_t *	ecc_public_wrapped_key,
		sce_ecc_private_wrapped_key_t *	ecc_private_wrapped_key,
		uint8_t *	public_key,
		sce_ecdsa_byte_data_t *	signature,
		sce_ecc_private_wrapped_key_t *	wrapped_key
	)

The R_SCE_ECDH_secp256r1_PublicKeySign() function calculates a signature for a public key user wrapped key used for ECDH key exchange.

If ECDHE is specified by the key_type argument of the R_SCE_ECDH_secp256r1_Init() function, the SCE's random number generation functionality is used to generate an secp256r1 key pair. The public key is output to public_key and the private key is output to wrapped_key.

If ECDH is specified by the key_type argument of the R_SCE_ECDH_secp256r1_Init() function, the public key input as ecc_public_wrapped_key is output to public_key and nothing is output to wrapped_key.

The succeeding function R_SCE_ECDH_secp256r1_SharedSecretCalculate() uses the first argument, handle, as an argument. R_SCE_ECDH_secp256r1_SharedSecretCalculate() function uses wrapped_key as input to calculate Z.

Parameters

[in,out]	handle	ECDH handler (work area) When using key_id, input handle->key_id after running R_SCE_ECDH_secp256r1_Init().
[in]	ecc_public_wrapped_key	For ECDHE, input a null pointer. For ECDH, input the wrapped key of a secp256r1 public key.
[in]	ecc_private_wrapped_key	secp256r1 private key for signature generation
[in,out]	public_key	User secp256r1 public key (512-bit) for key exchange. When using key_id, key_id (8-bit) \|\| public key (512-bit) \|\| 0 padding (24-bit)
[in,out]	signature	Signature text storage destination information signature->pdata : Specifies pointer to array storing signature text. The signature format is "signature r (256 bits) \|\| signature s (256 bits)" signature->data_length : Data length (in byte units)
[in,out]	wrapped_key	For ECDHE, a private wrapped key generated from a random number. Not output for ECDH.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_PublicKeyVerify()

fsp_err_t R_SCE_ECDH_secp256r1_PublicKeyVerify	(	sce_ecdh_handle_t *	handle,
		sce_ecc_public_wrapped_key_t *	ecc_public_wrapped_key,
		uint8_t *	public_key_data,
		sce_ecdsa_byte_data_t *	signature,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

The R_SCE_ECDH_secp256r1_PublicKeyVerify() function verifies the signature of the secp256r1 public key of the other ECDH key exchange party. If the signature is correct, it outputs the public wrapped key to the fifth argument. The first argument, handle, is used as an argument in the subsequent function R_SCE_ECDH_secp256r1_SharedSecretCalculate(). R_SCE_ECDH_secp256r1_SharedSecretCalculate() uses wrapped_key as input to calculate Z.

Parameters

[in,out]	handle	ECDH handler (work area)
[in]	ecc_public_wrapped_key	Public wrapped key area for signature verification
[in]	public_key_data	secp256r1 public key (512-bit). When key_id is used: key_id (8-bit) \|\| public key (512-bit)
[in]	signature	ECDSA secp256r1 signature of ecc_public_wrapped_key
[in,out]	wrapped_key	wrapped key of ecc_public_wrapped_key

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_PublicKeyReadWithoutSignature()

fsp_err_t R_SCE_ECDH_secp256r1_PublicKeyReadWithoutSignature	(	sce_ecdh_handle_t *	handle,
		uint8_t *	public_key_data,
		sce_ecc_public_wrapped_key_t *	wrapped_key
	)

The R_SCE_ECDH_secp256r1_PublicKeyReadWithoutSignature() function reads the secp256r1 public key of the other ECDH key exchange party and outputs the public wrapped key to the third argument. The first argument, handle, is used as an argument in the subsequent function R_SCE_ECDH_secp256r1_SharedSecretCalculate(). R_SCE_ECDH_secp256r1_SharedSecretCalculate() uses wrapped_key as input to calculate Z. This API does not verify signature of public_key_data, please protect this data by upper layer software.

Parameters

[in,out]	handle	ECDH handler (work area)
[in]	public_key_data	secp256r1 public key (512-bit). When key_id is used: key_id (8-bit) \|\| public key (512-bit)
[in,out]	wrapped_key	wrapped key of public_key_data

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.; Please note that this is slightly contrary to the protected mode policy as it omits signature verification.

◆ R_SCE_ECDH_secp256r1_SharedSecretCalculate()

fsp_err_t R_SCE_ECDH_secp256r1_SharedSecretCalculate	(	sce_ecdh_handle_t *	handle,
		sce_ecc_public_wrapped_key_t *	ecc_public_wrapped_key,
		sce_ecc_private_wrapped_key_t *	ecc_private_wrapped_key,
		sce_ecdh_wrapped_key_t *	shared_secret_wrapped_key
	)

The R_SCE_ECDH_secp256r1_SharedSecretCalculate() function uses the ECDH key exchange algorithm to output the wrapped key of the shared secret Z derived from the public key of the other key exchange party and your own private key. Input as the second argument, ecc_public_wrapped_key, the public wrapped key whose signature was verified by R_SCE_ECDH_secp256r1_PublicKeyVerify(). When key_type of R_SCE_ECDH_secp256r1_Init() is 0, input as the third argument, ecc_private_wrapped_key, the private wrapped key generated from a random number by R_SCE_ECDH_secp256r1_PublicKeySign(), and when key_type is other than 0, input the private wrapped key that forms a pair with the second argument of R_SCE_ECDH_secp256r1_PublicKeySign(). The subsequent R_SCE_ECDH_secp256r1_KeyDerivation() function uses shared_secret_wrapped_key as key material for outputting the wrapped key.

Parameters

[in,out]	handle	ECDH handler (work area)
[in]	ecc_public_wrapped_key	Public wrapped key whose signature was verified by R_SCE_ECDH_secp256r1_PublicKeyVerify()
[in]	ecc_private_wrapped_key	Private wrapped key
[in,out]	shared_secret_wrapped_key	Wrapped key of shared secret Z calculated by ECDH key exchange

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_KeyDerivation()

fsp_err_t R_SCE_ECDH_secp256r1_KeyDerivation	(	sce_ecdh_handle_t *	handle,
		sce_ecdh_wrapped_key_t *	shared_secret_wrapped_key,
		uint32_t	key_type,
		uint32_t	kdf_type,
		uint8_t *	other_info,
		uint32_t	other_info_length,
		sce_hmac_sha_wrapped_key_t *	salt_wrapped_key,
		sce_aes_wrapped_key_t *	wrapped_key
	)

The R_SCE_ECDH_secp256r1_KeyDerivation() function uses the shared secret "Z (shared_secret_index)" calculated by the R_SCE_ECDH_secp256r1_SharedSecretCalculate() function as the key material to derive the wrapped key specified by the third argument, key_type. The key derivation algorithm is one-step key derivation as defined in NIST SP800-56C. Either SHA-256 or SHA-256 HMAC is specified by the fourth argument, kdf_type. When SHA-256 HMAC is specified, the wrapped key output by the R_SCE_SHA256HMAC_EncryptedKeyWrap() function is specified as the seventh argument, salt_wrapped_key. Enter a fixed value for deriving a key shared with the key exchange partner in the fifth argument, other_info. A wrapped key corresponding to key_type is output as the eighth argument, wrapped_key. The correspondences between the types of derived wrapped_key and the functions with which they can be used as listed below.

AES-128: All AES-128 Init functions
AES-256: All AES-256 Init functions
SHA256-HMAC: R_SCE_SHA256HMAC_GenerateInit() function and R_SCE_SHA256HMAC_VerifyInit() function

Parameters

[in,out]	handle	ECDH handler (work area)
[in]	shared_secret_wrapped_key	Z wrapped key calculated by R_SCE_ECDH_secp256r1_SharedSecretCalculate
[in]	key_type	Derived key type (0: AES-128, 1: AES-256, 2:SHA256-HMAC, 3: AES-GCM-128 with IV)
[in]	kdf_type	Algorithm used for key derivation calculation (0: SHA-256, 1:SHA256-HMAC)
[in]	other_info	Additional data used for key derivation calculation: AlgorithmID \|\| PartyUInfo \|\| PartyVInfo
[in]	other_info_length	Data length of other_info (up to 147 byte units)
[in]	salt_wrapped_key	Salt wrapped key (Input NULL when kdf_type is 0.)
[in,out]	wrapped_key	Wrapped key corresponding to key_type. When the value of key_type is 2, an SHA256-HMAC wrapped key is output. wrapped_key can be specified by casting the start address of the area reserved beforehand by the sce_hmac_sha_wrapped_key_t type with the (sce_aes_wrapped_key_t*) type.

Return values

FSP_SUCCESS	Normal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_EncryptInit()

fsp_err_t R_SCE_AES128ECB_EncryptInit	(	sce_aes_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key
	)

The R_SCE_AES128ECB_EncryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128ECB_EncryptUpdate() function and R_SCE_AES128ECB_EncryptFinal() function.

Parameters

[in,out]	handle	AES handler (work area)
[in]	wrapped_key	128-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_EncryptUpdate()

fsp_err_t R_SCE_AES128ECB_EncryptUpdate	(	sce_aes_handle_t *	handle,
		uint8_t *	plain,
		uint8_t *	cipher,
		uint32_t	plain_length
	)

The R_SCE_AES128ECB_EncryptUpdate() function encrypts the second argument, plain, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the encryption result to the third argument, cipher. After plaintext input is completed, call R_SCE_AES128ECB_EncryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES handler (work area)
[in]	plain	plaintext data area
[in,out]	cipher	ciphertext data area
[in,out]	plain_length	plaintext data length (must be a multiple of 16)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_EncryptFinal()

fsp_err_t R_SCE_AES128ECB_EncryptFinal	(	sce_aes_handle_t *	handle,
		uint8_t *	cipher,
		uint32_t *	cipher_length
	)

Using the handle specified in the first argument, handle, the R_SCE_AES128ECB_EncryptFinal() function writes the calculation result to the second argument, cipher, and writes the length of the calculation result to the third argument, cipher_length. The original intent was for a portion of the encryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to cipher, and 0 is always written to cipher_length. The arguments cipher and cipher_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters

[in,out]	handle	AES handler (work area)
[in,out]	cipher	ciphertext data area (nothing ever written here)
[in,out]	cipher_length	ciphertext data length (0 always written here)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_DecryptInit()

fsp_err_t R_SCE_AES128ECB_DecryptInit	(	sce_aes_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key
	)

The R_SCE_AES128ECB_DecryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128ECB_DecryptUpdate() function and R_SCE_AES128ECB_DecryptFinal() function.

Parameters

[in,out]	handle	AES handler (work area)
[in]	wrapped_key	128-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_DecryptUpdate()

fsp_err_t R_SCE_AES128ECB_DecryptUpdate	(	sce_aes_handle_t *	handle,
		uint8_t *	cipher,
		uint8_t *	plain,
		uint32_t	cipher_length
	)

The R_SCE_AES128ECB_DecryptUpdate() function decrypts the second argument, cipher, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the decryption result to the third argument, plain. After plaintext input is completed, call R_SCE_AES128ECB_DecryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES handler (work area)
[in]	cipher	ciphertext data area
[in,out]	plain	plaintext data area
[in,out]	cipher_length	ciphertext data length (must be a multiple of 16)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_DecryptFinal()

fsp_err_t R_SCE_AES128ECB_DecryptFinal	(	sce_aes_handle_t *	handle,
		uint8_t *	plain,
		uint32_t *	plain_length
	)

Using the handle specified in the first argument, handle, the R_SCE_AES128ECB_DecryptFinal() function writes the calculation result to the second argument, plain, and writes the length of the calculation result to the third argument, plain_length. The original intent was for a portion of the decryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to plain, and 0 is always written to plain_length. The arguments plain and plain_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters

[in,out]	handle	AES handler (work area)
[in,out]	plain	plaintext data area (nothing ever written here)
[in,out]	plain_length	plaintext data length (0 always written here)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_EncryptInit()

fsp_err_t R_SCE_AES256ECB_EncryptInit	(	sce_aes_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key
	)

The R_SCE_AES256ECB_EncryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256ECB_EncryptUpdate() function and R_SCE_AES256ECB_EncryptFinal() function.

Parameters

[in,out]	handle	AES handler (work area)
[in]	wrapped_key	128-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_EncryptUpdate()

fsp_err_t R_SCE_AES256ECB_EncryptUpdate	(	sce_aes_handle_t *	handle,
		uint8_t *	plain,
		uint8_t *	cipher,
		uint32_t	plain_length
	)

The R_SCE_AES256ECB_EncryptUpdate() function encrypts the second argument, plain, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the encryption result to the third argument, cipher. After plaintext input is completed, call R_SCE_AES256ECB_EncryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES handler (work area)
[in]	plain	plaintext data area
[in,out]	cipher	ciphertext data area
[in,out]	plain_length	plaintext data length (must be a multiple of 16)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_EncryptFinal()

fsp_err_t R_SCE_AES256ECB_EncryptFinal	(	sce_aes_handle_t *	handle,
		uint8_t *	cipher,
		uint32_t *	cipher_length
	)

Using the handle specified in the first argument, handle, the R_SCE_AES256ECB_EncryptFinal() function writes the calculation result to the second argument, cipher, and writes the length of the calculation result to the third argument, cipher_length. The original intent was for a portion of the encryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to cipher, and 0 is always written to cipher_length. The arguments cipher and cipher_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters

[in,out]	handle	AES handler (work area)
[in,out]	cipher	ciphertext data area (nothing ever written here)
[in,out]	cipher_length	ciphertext data length (0 always written here)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_DecryptInit()

fsp_err_t R_SCE_AES256ECB_DecryptInit	(	sce_aes_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key
	)

The R_SCE_AES128ECB_DecryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128ECB_DecryptUpdate() function and R_SCE_AES128ECB_DecryptFinal() function.

Parameters

[in,out]	handle	AES handler (work area)
[in]	wrapped_key	128-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_DecryptUpdate()

fsp_err_t R_SCE_AES256ECB_DecryptUpdate	(	sce_aes_handle_t *	handle,
		uint8_t *	cipher,
		uint8_t *	plain,
		uint32_t	cipher_length
	)

The R_SCE_AES256ECB_DecryptUpdate() function decrypts the second argument, cipher, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the decryption result to the third argument, plain. After plaintext input is completed, call R_SCE_AES256ECB_DecryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES handler (work area)
[in]	cipher	ciphertext data area
[in,out]	plain	plaintext data area
[in,out]	cipher_length	ciphertext data length (must be a multiple of 16)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_DecryptFinal()

fsp_err_t R_SCE_AES256ECB_DecryptFinal	(	sce_aes_handle_t *	handle,
		uint8_t *	plain,
		uint32_t *	plain_length
	)

Using the handle specified in the first argument, handle, the R_SCE_AES256ECB_DecryptFinal() function writes the calculation result to the second argument, plain, and writes the length of the calculation result to the third argument, plain_length. The original intent was for a portion of the decryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to plain, and 0 is always written to plain_length. The arguments plain and plain_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters

[in,out]	handle	AES handler (work area)
[in,out]	plain	plaintext data area (nothing ever written here)
[in,out]	plain_length	plaintext data length (0 always written here)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_EncryptInit()

fsp_err_t R_SCE_AES128CBC_EncryptInit	(	sce_aes_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	initial_vector
	)

The R_SCE_AES128CBC_EncryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128CBC_EncryptUpdate() function and R_SCE_AES128CBC_EncryptFinal() function.

Parameters

[in,out]	handle	AES handler (work area)
[in]	wrapped_key	128-bit AES wrapped key
[in]	initial_vector	initialization vector area (16byte)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_EncryptUpdate()

fsp_err_t R_SCE_AES128CBC_EncryptUpdate	(	sce_aes_handle_t *	handle,
		uint8_t *	plain,
		uint8_t *	cipher,
		uint32_t	plain_length
	)

The R_SCE_AES128CBC_EncryptUpdate() function encrypts the second argument, plain, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the encryption result to the third argument, cipher. After plaintext input is completed, call R_SCE_AES128CBC_EncryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES handler (work area)
[in]	plain	plaintext data area
[in,out]	cipher	ciphertext data area
[in,out]	plain_length	plaintext data length (must be a multiple of 16)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_EncryptFinal()

fsp_err_t R_SCE_AES128CBC_EncryptFinal	(	sce_aes_handle_t *	handle,
		uint8_t *	cipher,
		uint32_t *	cipher_length
	)

Using the handle specified in the first argument, handle, the R_SCE_AES128CBC_EncryptFinal() function writes the calculation result to the second argument, cipher, and writes the length of the calculation result to the third argument, cipher_length. The original intent was for a portion of the encryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to cipher, and 0 is always written to cipher_length. The arguments cipher and cipher_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters

[in,out]	handle	AES handler (work area)
[in,out]	cipher	ciphertext data area (nothing ever written here)
[in,out]	cipher_length	ciphertext data length (0 always written here)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_DecryptInit()

fsp_err_t R_SCE_AES128CBC_DecryptInit	(	sce_aes_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	initial_vector
	)

The R_SCE_AES128CBC_DecryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128CBC_DecryptUpdate() function and R_SCE_AES128CBC_DecryptFinal() function.

Parameters

[in,out]	handle	AES handler (work area)
[in]	wrapped_key	128-bit AES wrapped key
[in]	initial_vector	initialization vector area (16byte)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_DecryptUpdate()

fsp_err_t R_SCE_AES128CBC_DecryptUpdate	(	sce_aes_handle_t *	handle,
		uint8_t *	cipher,
		uint8_t *	plain,
		uint32_t	cipher_length
	)

The R_SCE_AES128CBC_DecryptUpdate() function decrypts the second argument, cipher, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the decryption result to the third argument, plain. After plaintext input is completed, call R_SCE_AES128CBC_DecryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES handler (work area)
[in]	cipher	ciphertext data area
[in,out]	plain	plaintext data area
[in,out]	cipher_length	ciphertext data length (must be a multiple of 16)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_DecryptFinal()

fsp_err_t R_SCE_AES128CBC_DecryptFinal	(	sce_aes_handle_t *	handle,
		uint8_t *	plain,
		uint32_t *	plain_length
	)

Using the handle specified in the first argument, handle, the R_SCE_AES128CBC_DecryptFinal() function writes the calculation result to the second argument, plain, and writes the length of the calculation result to the third argument, plain_length. The original intent was for a portion of the decryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to plain, and 0 is always written to plain_length. The arguments plain and plain_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters

[in,out]	handle	AES handler (work area)
[in,out]	plain	plaintext data area (nothing ever written here)
[in,out]	plain_length	plaintext data length (0 always written here)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_EncryptInit()

fsp_err_t R_SCE_AES256CBC_EncryptInit	(	sce_aes_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	initial_vector
	)

The R_SCE_AES256CBC_EncryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256CBC_EncryptUpdate() function and R_SCE_AES256CBC_EncryptFinal() function.

Parameters

[in,out]	handle	AES handler (work area)
[in]	wrapped_key	256-bit AES wrapped key
[in]	initial_vector	initial vector area (16byte)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_EncryptUpdate()

fsp_err_t R_SCE_AES256CBC_EncryptUpdate	(	sce_aes_handle_t *	handle,
		uint8_t *	plain,
		uint8_t *	cipher,
		uint32_t	plain_length
	)

The R_SCE_AES256CBC_EncryptUpdate() function encrypts the second argument, plain, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the encryption result to the third argument, cipher. After plaintext input is completed, call R_SCE_AES256CBC_EncryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES handler (work area)
[in]	plain	plaintext data area
[in,out]	cipher	ciphertext data area
[in,out]	plain_length	plaintext data length (must be a multiple of 16)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_EncryptFinal()

fsp_err_t R_SCE_AES256CBC_EncryptFinal	(	sce_aes_handle_t *	handle,
		uint8_t *	cipher,
		uint32_t *	cipher_length
	)

Using the handle specified in the first argument, handle, the R_SCE_AES256CBC_EncryptFinal() function writes the calculation result to the second argument, cipher, and writes the length of the calculation result to the third argument, cipher_length. The original intent was for a portion of the encryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to cipher, and 0 is always written to cipher_length. The arguments cipher and cipher_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters

[in,out]	handle	AES handler (work area)
[in,out]	cipher	ciphertext data area (nothing ever written here)
[in,out]	cipher_length	ciphertext data length (0 always written here)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_DecryptInit()

fsp_err_t R_SCE_AES256CBC_DecryptInit	(	sce_aes_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	initial_vector
	)

The R_SCE_AES256CBC_DecryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256CBC_DecryptUpdate() function and R_SCE_AES256CBC_DecryptFinal() function.

Parameters

[in,out]	handle	AES handler (work area)
[in]	wrapped_key	256-bit AES wrapped key
[in]	initial_vector	initialization vector area (16byte)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Input illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_DecryptUpdate()

fsp_err_t R_SCE_AES256CBC_DecryptUpdate	(	sce_aes_handle_t *	handle,
		uint8_t *	cipher,
		uint8_t *	plain,
		uint32_t	cipher_length
	)

The R_SCE_AES256CBC_DecryptUpdate() function decrypts the second argument, cipher, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the decryption result to the third argument, plain. After plaintext input is completed, call R_SCE_AES256CBC_DecryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES handler (work area)
[in]	cipher	ciphertext data area
[in,out]	plain	plaintext data area
[in,out]	cipher_length	ciphertext data length (must be a multiple of 16)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_DecryptFinal()

fsp_err_t R_SCE_AES256CBC_DecryptFinal	(	sce_aes_handle_t *	handle,
		uint8_t *	plain,
		uint32_t *	plain_length
	)

Using the handle specified in the first argument, handle, the R_SCE_AES256CBC_DecryptFinal() function writes the calculation result to the second argument, plain, and writes the length of the calculation result to the third argument, plain_length. The original intent was for a portion of the decryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to plain, and 0 is always written to plain_length. The arguments plain and plain_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters

[in,out]	handle	AES handler (work area)
[in,out]	plain	plaintext data area (nothing ever written here)
[in,out]	plain_length	plaintext data length (0 always written here)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_EncryptInit()

fsp_err_t R_SCE_AES128GCM_EncryptInit	(	sce_gcm_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	initial_vector,
		uint32_t	initial_vector_length
	)

The R_SCE_AES128GCM_EncryptInit() function performs preparations for the execution of an GCM calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128GCM_EncryptUpdate() function and R_SCE_AES128GCM_EncryptFinal() function.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in]	wrapped_key	128-bit AES wrapped key
[in]	initial_vector	initialization vector area (initial_vector_length byte)
[in]	initial_vector_length	initialization vector length (1 ore more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_EncryptUpdate()

fsp_err_t R_SCE_AES128GCM_EncryptUpdate	(	sce_gcm_handle_t *	handle,
		uint8_t *	plain,
		uint8_t *	cipher,
		uint32_t	plain_data_length,
		uint8_t *	aad,
		uint32_t	aad_length
	)

The R_SCE_AES128GCM_EncryptUpdate() function encrypts the plaintext specified in the second argument, plain, in GCM mode using the values specified for wrapped_key and initial_vector in R_SCE_AES128GCM_EncryptInit(), along with the additional authentication data specified in the fifth argument, aad. Inside this function, the data that is input by the user is buffered until the input values of aad and plain exceed 16 bytes. After the input data from plain reaches 16 bytes or more, the encryption result is output to the ciphertext data area specified in the third argument, cipher. The lengths of the plain and aad data to input are respectively specified in the fourth argument, plain_data_length, and the sixth argument, aad_length. For these, specify not the total byte count for the aad and plain input data, but rather the data length to input when the user calls this function. If the input values plain and aad are not divisible by 16 bytes, they will be padded inside the function. First process the data that is input from aad, and then process the data that is input from plain. If aad data is input after starting to input plain data, an error will occur. If aad data and plain data are input to this function at the same time, the aad data will be processed, and then the function will transition to the plain data input state.

Specify areas for plain and cipher that do not overlap. For plain, cipher, initial_vector, and aad, specify RAM addresses that are multiples of 4

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in]	plain	plaintext data area
[in,out]	cipher	ciphertext data area
[in]	plain_data_length	plaintext data length (0 or more bytes)
[in]	aad	additional authentication data (aad_length byte)
[in]	aad_length	additional authentication data length (0 or more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	After the data from plain was input, an invalid handle was input from aad.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_EncryptFinal()

fsp_err_t R_SCE_AES128GCM_EncryptFinal	(	sce_gcm_handle_t *	handle,
		uint8_t *	cipher,
		uint32_t *	cipher_data_length,
		uint8_t *	atag
	)

If there is 16-byte fractional data indicated by the total data length of the value of plain that was input by R_SCE_AES128GCM_EncryptUpdate (), the R_SCE_AES128GCM_EncryptFinal() function will output the result of encrypting that fractional data to the ciphertext data area specified in the second argument, cipher. Here, the portion that does not reach 16 bytes will be padded with zeros. The authentication tag is output to the fourth argument, atag. For cipher and atag, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in,out]	cipher	ciphertext data area (cipher_data_length byte)
[in,out]	cipher_data_length	ciphertext data length (0 always written here)
[in,out]	atag	authentication tag area

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_DecryptInit()

fsp_err_t R_SCE_AES128GCM_DecryptInit	(	sce_gcm_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	initial_vector,
		uint32_t	initial_vector_length
	)

The R_SCE_AES128GCM_DecryptInit() function performs preparations for the execution of an GCM calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128GCM_DecryptUpdate() function and R_SCE_AES128GCM_DecryptFinal() function.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in]	wrapped_key	128-bit AES wrapped key
[in]	initial_vector	initialization vector area (initial_vector_length byte)
[in]	initial_vector_length	initialization vector length (1 ore more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_DecryptUpdate()

fsp_err_t R_SCE_AES128GCM_DecryptUpdate	(	sce_gcm_handle_t *	handle,
		uint8_t *	cipher,
		uint8_t *	plain,
		uint32_t	cipher_data_length,
		uint8_t *	aad,
		uint32_t	aad_length
	)

The R_SCE_AES128GCM_DecryptUpdate() function decrypts the ciphertext specified in the second argument, cipher, in GCM mode using the values specified for wrapped_key and initial_vector in R_SCE_AES128GCM_DecryptInit(), along with the additional authentication data specified in the fifth argument, aad. Inside this function, the data that is input by the user is buffered until the input values of aad and plain exceed 16 bytes. After the input data from cipher reaches 16 bytes or more, the decryption result is output to the plaintext data area specified in the third argument, plain. The lengths of the cipher and aad data to input are respectively specified in the fourth argument, cipher_data_length, and the sixth argument, aad_length. For these, specify not the total byte count for the aad and cipher input data, but rather the data length to input when the user calls this function. If the input values cipher and aad are not divisible by 16 bytes, they will be padded inside the function. First process the data that is input from aad, and then process the data that is input from cipher. If aad data is input after starting to input cipher data, an error will occur. If aad data and cipher data are input to this function at the same time, the aad data will be processed, and then the function will transition to the cipher data input state. Specify areas for plain and cipher that do not overlap. For plain, cipher, stage, initial_vector, and aad, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in,out]	cipher	ciphertext data area
[in]	plain	plaintext data area
[in]	cipher_data_length	ciphertext data length (0 or more bytes)
[in]	aad	additional authentication data (aad_length byte)
[in]	aad_length	additional authentication data length (0 or more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	After the data from plain was input, an invalid handle was input from aad.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_DecryptFinal()

fsp_err_t R_SCE_AES128GCM_DecryptFinal	(	sce_gcm_handle_t *	handle,
		uint8_t *	plain,
		uint32_t *	plain_data_length,
		uint8_t *	atag,
		uint32_t	atag_length
	)

The R_SCE_AES128GCM_DecryptFinal() function decrypts, in GCM mode, the fractional ciphertext specified by R_SCE_AES128GCM_DecryptUpdate() that does not reach 16 bytes, and ends GCM decryption. The encryption data and authentication tag are respectively output to the plaintext data area specified in the second argument, plain, and the authentication tag area specified in the fourth argument, atag. The decoded data length is output to the third argument, plain_data_length. If authentication fails, the return value will be TSIP_ERR_AUTHENTICATION. For the fourth argument, atag, input 16 bytes or less. If it is less than 16 bytes, it will be padded with zeros inside the function. For plain and atag, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in,out]	plain	plaintext data area (cipher_data_length byte)
[in,out]	plain_data_length	plaintext data length (0 always written here)
[in,out]	atag	authentication tag area (atag_length byte)
[in]	atag_length	authentication tag length (4,8,12,13,14,15,16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Authentication failed
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_EncryptInit()

fsp_err_t R_SCE_AES256GCM_EncryptInit	(	sce_gcm_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	initial_vector,
		uint32_t	initial_vector_length
	)

The R_SCE_AES256GCM_EncryptInit() function performs preparations for the execution of an GCM calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256GCM_EncryptUpdate() function and R_SCE_AES256GCM_EncryptFinal() function.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in]	wrapped_key	256-bit AES wrapped key
[in]	initial_vector	initialization vector area (initial_vector_length byte)
[in]	initial_vector_length	initialization vector length (1 ore more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_EncryptUpdate()

fsp_err_t R_SCE_AES256GCM_EncryptUpdate	(	sce_gcm_handle_t *	handle,
		uint8_t *	plain,
		uint8_t *	cipher,
		uint32_t	plain_data_length,
		uint8_t *	aad,
		uint32_t	aad_length
	)

The R_SCE_AES256GCM_EncryptUpdate() function encrypts the plaintext specified in the second argument, plain, in GCM mode using the values specified for wrapped_key and initial_vector in R_SCE_AES256GCM_EncryptInit(), along with the additional authentication data specified in the fifth argument, aad. Inside this function, the data that is input by the user is buffered until the input values of aad and plain exceed 16 bytes. After the input data from plain reaches 16 bytes or more, the encryption result is output to the ciphertext data area specified in the third argument, cipher. The lengths of the plain and aad data to input are respectively specified in the fourth argument, plain_data_length, and the sixth argument, aad_length. For these, specify not the total byte count for the aad and plain input data, but rather the data length to input when the user calls this function. If the input values plain and aad are not divisible by 16 bytes, they will be padded inside the function. First process the data that is input from aad, and then process the data that is input from plain. If aad data is input after starting to input plain data, an error will occur. If aad data and plain data are input to this function at the same time, the aad data will be processed, and then the function will transition to the plain data input state.

Specify areas for plain and cipher that do not overlap. For plain, cipher, initial_vector, and aad, specify RAM addresses that are multiples of 4

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in]	plain	plaintext data area
[in,out]	cipher	ciphertext data area
[in]	plain_data_length	plaintext data length (0 or more bytes)
[in]	aad	additional authentication data (aad_length byte)
[in]	aad_length	additional authentication data length (0 or more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	After the data from plain was input, an invalid handle was input from aad.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_EncryptFinal()

fsp_err_t R_SCE_AES256GCM_EncryptFinal	(	sce_gcm_handle_t *	handle,
		uint8_t *	cipher,
		uint32_t *	cipher_data_length,
		uint8_t *	atag
	)

If there is 16-byte fractional data indicated by the total data length of the value of plain that was input by R_SCE_AES256GCM_EncryptUpdate (), the R_SCE_AES256GCM_EncryptFinal() function will output the result of encrypting that fractional data to the ciphertext data area specified in the second argument, cipher. Here, the portion that does not reach 16 bytes will be padded with zeros. The authentication tag is output to the fourth argument, atag. For cipher and atag, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in,out]	cipher	ciphertext data area (cipher_data_length byte)
[in,out]	cipher_data_length	ciphertext data length (0 always written here)
[in,out]	atag	authentication tag area

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_DecryptInit()

fsp_err_t R_SCE_AES256GCM_DecryptInit	(	sce_gcm_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	initial_vector,
		uint32_t	initial_vector_length
	)

The R_SCE_AES256GCM_DecryptInit() function performs preparations for the execution of an GCM calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256GCM_DecryptUpdate() function and R_SCE_AES256GCM_DecryptFinal() function.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in]	wrapped_key	256-bit AES wrapped key
[in]	initial_vector	initialization vector area (initial_vector_length byte)
[in]	initial_vector_length	initialization vector length (1 ore more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_DecryptUpdate()

fsp_err_t R_SCE_AES256GCM_DecryptUpdate	(	sce_gcm_handle_t *	handle,
		uint8_t *	cipher,
		uint8_t *	plain,
		uint32_t	cipher_data_length,
		uint8_t *	aad,
		uint32_t	aad_length
	)

The R_SCE_AES256GCM_DecryptUpdate() function decrypts the ciphertext specified in the second argument, cipher, in GCM mode using the values specified for wrapped_key and initial_vector in R_SCE_AES256GCM_DecryptInit(), along with the additional authentication data specified in the fifth argument, aad. Inside this function, the data that is input by the user is buffered until the input values of aad and plain exceed 16 bytes. After the input data from cipher reaches 16 bytes or more, the decryption result is output to the plaintext data area specified in the third argument, plain. The lengths of the cipher and aad data to input are respectively specified in the fourth argument, cipher_data_length, and the sixth argument, aad_length. For these, specify not the total byte count for the aad and cipher input data, but rather the data length to input when the user calls this function. If the input values cipher and aad are not divisible by 16 bytes, they will be padded inside the function. First process the data that is input from aad, and then process the data that is input from cipher. If aad data is input after starting to input cipher data, an error will occur. If aad data and cipher data are input to this function at the same time, the aad data will be processed, and then the function will transition to the cipher data input state. Specify areas for plain and cipher that do not overlap. For plain, cipher, stage, initial_vector, and aad, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in,out]	cipher	ciphertext data area
[in]	plain	plaintext data area
[in]	cipher_data_length	ciphertext data length (0 or more bytes)
[in]	aad	additional authentication data (aad_length byte)
[in]	aad_length	additional authentication data length (0 or more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	After the data from plain was input, an invalid handle was input from aad.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_DecryptFinal()

fsp_err_t R_SCE_AES256GCM_DecryptFinal	(	sce_gcm_handle_t *	handle,
		uint8_t *	plain,
		uint32_t *	plain_data_length,
		uint8_t *	atag,
		uint32_t	atag_length
	)

The R_SCE_AES256GCM_DecryptFinal() function decrypts, in GCM mode, the fractional ciphertext specified by R_SCE_AES256GCM_DecryptUpdate() that does not reach 16 bytes, and ends GCM decryption. The encryption data and authentication tag are respectively output to the plaintext data area specified in the second argument, plain, and the authentication tag area specified in the fourth argument, atag. The decoded data length is output to the third argument, plain_data_length. If authentication fails, the return value will be TSIP_ERR_AUTHENTICATION. For the fourth argument, atag, input 16 bytes or less. If it is less than 16 bytes, it will be padded with zeros inside the function. For plain and atag, specify RAM addresses that are multiples of 4.

Parameters

[in,out]	handle	AES-GCM handler (work area)
[in,out]	plain	plaintext data area (cipher_data_length byte)
[in,out]	plain_data_length	plaintext data length (0 always written here)
[in,out]	atag	authentication tag area (atag_length byte)
[in]	atag_length	authentication tag length (4,8,12,13,14,15,16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Authentication failed
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_EncryptInit()

fsp_err_t R_SCE_AES128CCM_EncryptInit	(	sce_ccm_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	nonce,
		uint32_t	nonce_length,
		uint8_t *	adata,
		uint8_t	a_length,
		uint32_t	payload_length,
		uint32_t	mac_length
	)

The R_SCE_AES128CCM_EncryptInit() function prepares to perform CCM computation and writes the result to the first argument, handle. The succeeding functions R_SCE_AES128CCM_EncryptUpdate() and R_SCE_AES128CCM_EncryptFinal() use handle as an argument.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in]	wrapped_key	128-bit AES wrapped key
[in]	nonce	Nonce
[in]	nonce_length	Nonce data length (7 to 13 bytes)
[in]	adata	additional authentication data
[in]	a_length	additional authentication data length (0 to 110 bytes)
[in]	payload_length	Payload length (any number of bytes)
[in]	mac_length	MAC length (4, 6, 8, 10, 12, 14, or 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_EncryptUpdate()

fsp_err_t R_SCE_AES128CCM_EncryptUpdate	(	sce_ccm_handle_t *	handle,
		uint8_t *	plain,
		uint8_t *	cipher,
		uint32_t	plain_length
	)

The R_SCE_AES128CCM_EncryptUpdate() function encrypts the plaintext specified in the second argument, plain, in CCM mode using the values specified by wrapped_key, nonce, and adata in R_SCE_AES128CCM_EncryptInit(). This function buffers internally the data input by the user until the input value of plain exceeds 16 bytes. Once the amount of plain input data is 16 bytes or greater, the encrypted result is output to cipher, which is specified in the third argument. Use payload_length in R_SCE_AES128CCM_EncryptInit() to specify the total data length of plain that will be input. Use plain_length in this function to specify the data length to be input when the user calls this function. If the input value of plain is less than 16 bytes, the function performs padding internally.

Ensure that the areas allocated to plain and cipher do not overlap. Also, specify RAM addresses that are multiples of 4 for plain and cipher.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in]	plain	plaintext data area
[in,out]	cipher	ciphertext data area
[in]	plain_length	plaintext data length

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_EncryptFinal()

fsp_err_t R_SCE_AES128CCM_EncryptFinal	(	sce_ccm_handle_t *	handle,
		uint8_t *	cipher,
		uint32_t *	cipher_length,
		uint8_t *	mac,
		uint32_t	mac_length
	)

If the data length of plain input in R_SCE_AES128CCM_EncryptUpdate() results in leftover data after 16 bytes, the R_SCE_AES128CCM_EncryptFinal() function outputs the leftover encrypted data to cipher, which is specified in the second argument. The MAC value is output to the fourth argument, mac. Set the fifth argument, mac_length to the same value as that specified for the argument mac_length in Aes128CcmEncryptInit(). Also, specify RAM addresses that are multiples of 4 for cipher and mac.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in,out]	cipher	ciphertext data area
[in,out]	cipher_length	ciphertext data length
[in,out]	mac	MAC area
[in]	mac_length	MAC length (4, 6, 8, 10, 12, 14, or 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_DecryptInit()

fsp_err_t R_SCE_AES128CCM_DecryptInit	(	sce_ccm_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	nonce,
		uint32_t	nonce_length,
		uint8_t *	adata,
		uint8_t	a_length,
		uint32_t	payload_length,
		uint32_t	mac_length
	)

The R_SCE_AES128CCM_DecryptInit() function prepares to perform CCM computation and writes the result to the first argument, handle. The succeeding functions R_SCE_AES128CCM_DecryptUpdate() and R_SCE_AES128CCM_DecryptFinal() use handle as an argument.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in]	wrapped_key	128-bit AES wrapped key
[in]	nonce	Nonce
[in]	nonce_length	Nonce data length (7 to 13 bytes)
[in]	adata	additional authentication data
[in]	a_length	additional authentication data length (0 to 110 bytes)
[in]	payload_length	Payload length (any number of bytes)
[in]	mac_length	MAC length (4, 6, 8, 10, 12, 14, or 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_DecryptUpdate()

fsp_err_t R_SCE_AES128CCM_DecryptUpdate	(	sce_ccm_handle_t *	handle,
		uint8_t *	cipher,
		uint8_t *	plain,
		uint32_t	cipher_length
	)

The R_SCE_AES128CCM_DecryptUpdate() function decrypts the ciphertext specified by the second argument, cipher, in CCM mode using the values specified by wrapped_key, nonce, and adata in in R_SCE_AES128CCM_DecryptInit(). This function buffers internally the data input by the user until the input value of cipher exceeds 16 bytes. Once the amount of cipher input data is 16 bytes or greater, the decrypted result is output to plain, which is specified in the third argument. Use payload_length in R_SCE_AES128CCM_DecryptInit() to specify the total data length of cipher that will be input. Use cipher_length in this function to specify the data length to be input when the user calls this function. If the input value of cipher is less than 16 bytes, the function performs padding internally.

Ensure that the areas allocated to cipher and plain do not overlap. Also, specify RAM addresses that are multiples of 4 for cipher and plain.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in]	cipher	ciphertext data area
[in,out]	plain	plaintext data area
[in]	cipher_length	ciphertext data length

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_DecryptFinal()

fsp_err_t R_SCE_AES128CCM_DecryptFinal	(	sce_ccm_handle_t *	handle,
		uint8_t *	plain,
		uint32_t *	plain_length,
		uint8_t *	mac,
		uint32_t	mac_length
	)

If the data length of cipher input in R_SCE_AES128GCM_DecryptUpdate() results in leftover data after 16 bytes, the R_SCE_AES128GCM_DecryptFinal() function outputs the leftover decrypted data to cipher, which is specified in the second argument. In addition, the function verifies the fourth argument, mac. Set the fifth argument, mac_length, to the same value as that specified for the argument mac_length in Aes128CcmDecryptInit().

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in,out]	plain	plaintext data area
[in,out]	plain_length	plaintext data length
[in]	mac	MAC area
[in]	mac_length	MAC length (4, 6, 8, 10, 12, 14, or 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error, or authentication failed.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_EncryptInit()

fsp_err_t R_SCE_AES256CCM_EncryptInit	(	sce_ccm_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	nonce,
		uint32_t	nonce_length,
		uint8_t *	adata,
		uint8_t	a_length,
		uint32_t	payload_length,
		uint32_t	mac_length
	)

The R_SCE_AES256CCM_EncryptInit() function prepares to perform CCM computation and writes the result to the first argument, handle. The succeeding functions R_SCE_AES256CCM_EncryptUpdate() and R_SCE_AES256CCM_EncryptFinal() use handle as an argument.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in]	wrapped_key	256-bit AES wrapped key
[in]	nonce	Nonce
[in]	nonce_length	Nonce data length (7 to 13 bytes)
[in]	adata	additional authentication data
[in]	a_length	additional authentication data length (0 to 110 bytes)
[in]	payload_length	Payload length (any number of bytes)
[in]	mac_length	MAC length (4, 6, 8, 10, 12, 14, or 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_EncryptUpdate()

fsp_err_t R_SCE_AES256CCM_EncryptUpdate	(	sce_ccm_handle_t *	handle,
		uint8_t *	plain,
		uint8_t *	cipher,
		uint32_t	plain_length
	)

The R_SCE_AES256CCM_EncryptUpdate() function encrypts the plaintext specified in the second argument, plain, in CCM mode using the values specified by wrapped_key, nonce, and adata in R_SCE_AES256CCM_EncryptInit(). This function buffers internally the data input by the user until the input value of plain exceeds 16 bytes. Once the amount of plain input data is 16 bytes or greater, the encrypted result is output to cipher, which is specified in the third argument. Use payload_length in R_SCE_AES256CCM_EncryptInit() to specify the total data length of plain that will be input. Use plain_length in this function to specify the data length to be input when the user calls this function. If the input value of plain is less than 16 bytes, the function performs padding internally.

Ensure that the areas allocated to plain and cipher do not overlap. Also, specify RAM addresses that are multiples of 4 for plain and cipher.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in]	plain	plaintext data area
[in,out]	cipher	ciphertext data area
[in]	plain_length	plaintext data length

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_EncryptFinal()

fsp_err_t R_SCE_AES256CCM_EncryptFinal	(	sce_ccm_handle_t *	handle,
		uint8_t *	cipher,
		uint32_t *	cipher_length,
		uint8_t *	mac,
		uint32_t	mac_length
	)

If the data length of plain input in R_SCE_AES256CCM_EncryptUpdate() results in leftover data after 16 bytes, the R_SCE_AES256CCM_EncryptFinal() function outputs the leftover encrypted data to cipher, which is specified in the second argument. The MAC value is output to the fourth argument, mac. Set the fifth argument, mac_length to the same value as that specified for the argument mac_length in Aes256CcmEncryptInit(). Also, specify RAM addresses that are multiples of 4 for cipher and mac.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in,out]	cipher	ciphertext data area
[in,out]	cipher_length	ciphertext data length
[in,out]	mac	MAC area
[in]	mac_length	MAC length (4, 6, 8, 10, 12, 14, or 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_DecryptInit()

fsp_err_t R_SCE_AES256CCM_DecryptInit	(	sce_ccm_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key,
		uint8_t *	nonce,
		uint32_t	nonce_length,
		uint8_t *	adata,
		uint8_t	a_length,
		uint32_t	payload_length,
		uint32_t	mac_length
	)

The R_SCE_AES256CCM_DecryptInit() function prepares to perform CCM computation and writes the result to the first argument, handle. The succeeding functions R_SCE_AES256CCM_DecryptUpdate() and R_SCE_AES256CCM_DecryptFinal() use handle as an argument.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in]	wrapped_key	256-bit AES wrapped key
[in]	nonce	Nonce
[in]	nonce_length	Nonce data length (7 to 13 bytes)
[in]	adata	additional authentication data
[in]	a_length	additional authentication data length (0 to 110 bytes)
[in]	payload_length	Payload length (any number of bytes)
[in]	mac_length	MAC length (4, 6, 8, 10, 12, 14, or 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_DecryptUpdate()

fsp_err_t R_SCE_AES256CCM_DecryptUpdate	(	sce_ccm_handle_t *	handle,
		uint8_t *	cipher,
		uint8_t *	plain,
		uint32_t	cipher_length
	)

The R_SCE_AES256CCM_DecryptUpdate() function decrypts the ciphertext specified by the second argument, cipher, in CCM mode using the values specified by wrapped_key, nonce, and adata in in R_SCE_AES256CCM_DecryptInit(). This function buffers internally the data input by the user until the input value of cipher exceeds 16 bytes. Once the amount of cipher input data is 16 bytes or greater, the decrypted result is output to plain, which is specified in the third argument. Use payload_length in R_SCE_AES256CCM_DecryptInit() to specify the total data length of cipher that will be input. Use cipher_length in this function to specify the data length to be input when the user calls this function. If the input value of cipher is less than 16 bytes, the function performs padding internally.

Ensure that the areas allocated to cipher and plain do not overlap. Also, specify RAM addresses that are multiples of 4 for cipher and plain.

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in]	cipher	ciphertext data area
[in,out]	plain	plaintext data area
[in]	cipher_length	ciphertext data length

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_DecryptFinal()

fsp_err_t R_SCE_AES256CCM_DecryptFinal	(	sce_ccm_handle_t *	handle,
		uint8_t *	plain,
		uint32_t *	plain_length,
		uint8_t *	mac,
		uint32_t	mac_length
	)

If the data length of cipher input in R_SCE_AES256GCM_DecryptUpdate() results in leftover data after 16 bytes, the R_SCE_AES256GCM_DecryptFinal() function outputs the leftover decrypted data to cipher, which is specified in the second argument. In addition, the function verifies the fourth argument, mac. Set the fifth argument, mac_length, to the same value as that specified for the argument mac_length in Aes256CcmDecryptInit().

Parameters

[in,out]	handle	AES-CCM handler (work area)
[in,out]	plain	plaintext data area
[in,out]	plain_length	plaintext data length
[in]	mac	MAC area
[in]	mac_length	MAC length (4, 6, 8, 10, 12, 14, or 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETER	Input data is illegal.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error, or authentication failed.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_GenerateInit()

fsp_err_t R_SCE_AES128CMAC_GenerateInit	(	sce_cmac_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key
	)

The R_SCE_AES128CMAC_GenerateInit() function performs preparations for the execution of an CMAC calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128CMAC_GenerateUpdate() function and R_SCE_AES128CMAC_GenerateFinal() function.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in]	wrapped_key	128-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_GenerateUpdate()

fsp_err_t R_SCE_AES128CMAC_GenerateUpdate	(	sce_cmac_handle_t *	handle,
		uint8_t *	message,
		uint32_t	message_length
	)

The R_SCE_AES128CMAC_GenerateUpdate() function performs MAC value generation based on the message specified in the second argument, message, using the value specified for wrapped_key in R_SCE_AES128CMAC_GenerateInit(). Inside this function, the data that is input by the user is buffered until the input value of message exceeds 16 bytes. The length of the message data to input is specified in the third argument, message_len. For these, input not the total byte count for message input data, but rather the message data length to input when the user calls this function. If the input value, message, is not a multiple of 16 bytes, it will be padded within the function. For message, specify a RAM address that are multiples of 4.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in]	message	message data area (message_length byte)
[in]	message_length	message data length (0 or more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_GenerateFinal()

fsp_err_t R_SCE_AES128CMAC_GenerateFinal	(	sce_cmac_handle_t *	handle,
		uint8_t *	mac
	)

The R_SCE_AES128CMAC_GenerateFinal() function outputs the MAC value to the MAC data area specified in the second argument, mac, and ends CMAC mode.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in,out]	mac	MAC data area (16byte)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Not used.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_VerifyInit()

fsp_err_t R_SCE_AES128CMAC_VerifyInit	(	sce_cmac_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key
	)

The R_SCE_AES128CMAC_VerifyInit() function performs preparations for the execution of a CMAC calculation, and writes the result to the first argument, handle. The value of handle is used as an argumentin the subsequent R_SCE_AES128CMAC_VerifyUpdate() function and R_SCE_AES128CMAC_VerifyFinal() function.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in]	wrapped_key	128-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_VerifyUpdate()

fsp_err_t R_SCE_AES128CMAC_VerifyUpdate	(	sce_cmac_handle_t *	handle,
		uint8_t *	message,
		uint32_t	message_length
	)

The R_SCE_AES128CMAC_VerifyUpdate() function performs MAC value generation based on the message specified in the second argument, message, using the value specified for wrapped_key in R_SCE_AES128CMAC_VerifyInit(). Inside this function, the data that is input by the user is buffered until the input value of message exceeds 16 bytes. The length of the message data to input is specified in the third argument, message_len. For these, input not the total byte count for message input data, but rather the message data length to input when the user calls this function. If the input value, message, is not a multiple of 16 bytes, it will be padded within the function. For message, specify a RAM address that are multiples of 4.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in]	message	message data area (message_length byte)
[in]	message_length	message data length (0 or more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_VerifyFinal()

fsp_err_t R_SCE_AES128CMAC_VerifyFinal	(	sce_cmac_handle_t *	handle,
		uint8_t *	mac,
		uint32_t	mac_length
	)

The R_SCE_AES128CMAC_VerifyFinal() function inputs the MAC value in the MAC data area specified in the second argument, mac, and verifies the MAC value. If authentication fails, the return value will be TSIP_ERR_AUTHENTICATION. If the MAC value is less than 16 bytes, it will be padded with zeros inside the function.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in,out]	mac	MAC data area (mac_length byte)
[in,out]	mac_length	MAC data length (2 to 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Authentication failed
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_GenerateInit()

fsp_err_t R_SCE_AES256CMAC_GenerateInit	(	sce_cmac_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key
	)

The R_SCE_AES256CMAC_GenerateInit() function performs preparations for the execution of an CMAC calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256CMAC_GenerateUpdate() function and R_SCE_AES256CMAC_GenerateFinal() function.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in]	wrapped_key	256-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_GenerateUpdate()

fsp_err_t R_SCE_AES256CMAC_GenerateUpdate	(	sce_cmac_handle_t *	handle,
		uint8_t *	message,
		uint32_t	message_length
	)

The R_SCE_AES256CMAC_GenerateUpdate() function performs MAC value generation based on the message specified in the second argument, message, using the value specified for wrapped_key in R_SCE_AES256CMAC_GenerateInit(). Inside this function, the data that is input by the user is buffered until the input value of message exceeds 16 bytes. The length of the message data to input is specified in the third argument, message_len. For these, input not the total byte count for message input data, but rather the message data length to input when the user calls this function. If the input value, message, is not a multiple of 16 bytes, it will be padded within the function. For message, specify a RAM address that are multiples of 4.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in]	message	message data area (message_length byte)
[in]	message_length	message data length (0 or more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_GenerateFinal()

fsp_err_t R_SCE_AES256CMAC_GenerateFinal	(	sce_cmac_handle_t *	handle,
		uint8_t *	mac
	)

The R_SCE_AES256CMAC_GenerateFinal() function outputs the MAC value to the MAC data area specified in the second argument, mac, and ends CMAC mode.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in,out]	mac	MAC data area (16byte)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Not used.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_VerifyInit()

fsp_err_t R_SCE_AES256CMAC_VerifyInit	(	sce_cmac_handle_t *	handle,
		sce_aes_wrapped_key_t *	wrapped_key
	)

The R_SCE_AES256CMAC_VerifyInit() function performs preparations for the execution of a CMAC calculation, and writes the result to the first argument, handle. The value of handle is used as an argumentin the subsequent R_SCE_AES256CMAC_VerifyUpdate() function and R_SCE_AES256CMAC_VerifyFinal() function.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in]	wrapped_key	256-bit AES wrapped key

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAIL	Invalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAIL	Internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_VerifyUpdate()

fsp_err_t R_SCE_AES256CMAC_VerifyUpdate	(	sce_cmac_handle_t *	handle,
		uint8_t *	message,
		uint32_t	message_length
	)

The R_SCE_AES256CMAC_VerifyUpdate() function performs MAC value generation based on the message specified in the second argument, message, using the value specified for wrapped_key in R_SCE_AES256CMAC_VerifyInit(). Inside this function, the data that is input by the user is buffered until the input value of message exceeds 16 bytes. The length of the message data to input is specified in the third argument, message_len. For these, input not the total byte count for message input data, but rather the message data length to input when the user calls this function. If the input value, message, is not a multiple of 16 bytes, it will be padded within the function. For message, specify a RAM address that are multiples of 4.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in]	message	message data area (message_length byte)
[in]	message_length	message data length (0 or more bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_VerifyFinal()

fsp_err_t R_SCE_AES256CMAC_VerifyFinal	(	sce_cmac_handle_t *	handle,
		uint8_t *	mac,
		uint32_t	mac_length
	)

The R_SCE_AES256CMAC_VerifyFinal() function inputs the MAC value in the MAC data area specified in the second argument, mac, and verifies the MAC value. If authentication fails, the return value will be TSIP_ERR_AUTHENTICATION. If the MAC value is less than 16 bytes, it will be padded with zeros inside the function.

Parameters

[in,out]	handle	AES-CMAC handler (work area)
[in,out]	mac	MAC data area (mac_length byte)
[in,out]	mac_length	MAC data length (2 to 16 bytes)

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.
FSP_ERR_CRYPTO_SCE_AUTHENTICATION	Authentication failed
FSP_ERR_CRYPTO_SCE_PARAMETER	An invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTION	An invalid function was called.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_RootCertificateVerify()

fsp_err_t R_SCE_TLS_RootCertificateVerify	(	uint32_t	public_key_type,
		uint8_t *	certificate,
		uint32_t	certificate_length,
		uint32_t	public_key_n_start_position,
		uint32_t	public_key_n_end_position,
		uint32_t	public_key_e_start_position,
		uint32_t	public_key_e_end_position,
		uint8_t *	signature,
		uint32_t *	encrypted_root_public_key
	)

Verify root CA certificate.

Parameters

[in]	public_key_type	key type
[in]	certificate	certificates.
[in]	certificate_length	byte size of certificates.
[in]	public_key_n_start_position	start position of public key n.
[in]	public_key_n_end_position	end position of public key n.
[in]	public_key_e_start_position	start position of public key e.
[in]	public_key_e_end_position	end position of public key e.
[in]	signature	signature for certificates.
[out]	encrypted_root_public_key	public key for RSA 2048bit.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_CertificateVerify()

fsp_err_t R_SCE_TLS_CertificateVerify	(	uint32_t	public_key_type,
		uint32_t *	encrypted_input_public_key,
		uint8_t *	certificate,
		uint32_t	certificate_length,
		uint8_t *	signature,
		uint32_t	public_key_n_start_position,
		uint32_t	public_key_n_end_position,
		uint32_t	public_key_e_start_position,
		uint32_t	public_key_e_end_position,
		uint32_t *	encrypted_output_public_key
	)

Verify server certificate and intermediate certificate.

Parameters

[in]	public_key_type	key type
[in]	encrypted_input_public_key	public key.
[in]	certificate	certificates.
[in]	certificate_length	byte size of certificates.
[in]	signature	signature for certificates.
[in]	public_key_n_start_position	start position of public key n.
[in]	public_key_n_end_position	end position of public key n.
[in]	public_key_e_start_position	start position of public key e.
[in]	public_key_e_end_position	end position of public key e.
[out]	encrypted_output_public_key	public key for RSA 2048bit.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_PreMasterSecretGenerateForRSA2048()

fsp_err_t R_SCE_TLS_PreMasterSecretGenerateForRSA2048 ( uint32_t * sce_pre_master_secret )

Generate encrypted pre-master secret.

Parameters

[out] sce_pre_master_secret pre-master secret value for SCE.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_MasterSecretGenerate()

fsp_err_t R_SCE_TLS_MasterSecretGenerate	(	uint32_t	select_cipher_suite,
		uint32_t *	sce_pre_master_secret,
		uint8_t *	client_random,
		uint8_t *	server_random,
		uint32_t *	sce_master_secret
	)

Generate encrypted master secret.

Parameters

[in]	select_cipher_suite	cipher suite type
[in]	sce_pre_master_secret	pre-master secret value for SCE.
[in]	client_random	random value reported ClientHello.
[in]	server_random	random value reported ServerHello.
[out]	sce_master_secret	master secret value with SCE-specific conversion.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

Generate encrypted master secret.

Parameters

[in]	select_cipher_suite	cipher suite type
[in]	sce_pre_master_secret	pre-master secret value for SCE.
[in]	client_random	random value reported ClientHello.
[in]	server_random	random value reported ServerHello.
[out]	sce_master_secret	master secret value for SCE.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_PreMasterSecretEncryptWithRSA2048()

fsp_err_t R_SCE_TLS_PreMasterSecretEncryptWithRSA2048	(	uint32_t *	encrypted_public_key,
		uint32_t *	sce_pre_master_secret,
		uint8_t *	encrypted_pre_master_secret
	)

Output the result encrypted pre-master secret with RSA 2048bit

Parameters

[in]	encrypted_public_key	public key data.
[in]	sce_pre_master_secret	pre-master secret value.
[out]	encrypted_pre_master_secret	the value encrypted pre-master secret.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_SessionKeyGenerate()

fsp_err_t R_SCE_TLS_SessionKeyGenerate	(	uint32_t	select_cipher_suite,
		uint32_t *	sce_master_secret,
		uint8_t *	client_random,
		uint8_t *	server_random,
		uint8_t *	nonce_explicit,
		sce_hmac_sha_wrapped_key_t *	client_mac_wrapped_key,
		sce_hmac_sha_wrapped_key_t *	server_mac_wrapped_key,
		sce_aes_wrapped_key_t *	client_crypto_wrapped_key,
		sce_aes_wrapped_key_t *	server_crypto_wrapped_key,
		uint8_t *	client_initial_vector,
		uint8_t *	server_initial_vector
	)

Output various key information.

Parameters

[in]	select_cipher_suite	Key suite information number.
[in]	sce_master_secret	master secret value.
[in]	client_random	random value reported ClientHello.
[in]	server_random	random value reported ServerHello.
[in]	nonce_explicit	nonce value
[out]	client_mac_wrapped_key	the mac key during communication from client to server.
[out]	server_mac_wrapped_key	the mac key during communication from server to client.
[out]	client_crypto_wrapped_key	the crypto key during communication from client to server.
[out]	server_crypto_wrapped_key	the crypto key during communication from server to client.
[in]	client_initial_vector	not use.
[in]	server_initial_vector	not use.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_VerifyDataGenerate()

fsp_err_t R_SCE_TLS_VerifyDataGenerate	(	uint32_t	select_verify_data,
		uint32_t *	sce_master_secret,
		uint8_t *	hand_shake_hash,
		uint8_t *	verify_data
	)

Generate verify data.

Parameters

[in]	select_verify_data	Select Client/Server data.
[in]	sce_master_secret	master secret data.
[in]	hand_shake_hash	TLS hand shake message SHA256 HASH value.
[out]	verify_data	verify data.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_ServerKeyExchangeVerify()

fsp_err_t R_SCE_TLS_ServerKeyExchangeVerify	(	uint32_t	public_key_type,
		uint8_t *	client_random,
		uint8_t *	server_random,
		uint8_t *	server_ephemeral_ecdh_public_key,
		uint8_t *	server_key_exchange_signature,
		uint32_t *	encrypted_public_key,
		uint32_t *	encrypted_ephemeral_ecdh_public_key
	)

Retrives ECDH public key.

Parameters

[in]	public_key_type	key type
[in]	client_random	random value reported ClientHello.
[in]	server_random	random value reported ServerHello.
[in]	server_ephemeral_ecdh_public_key	Ephemeral ECDH public key from Server.
[in]	server_key_exchange_signature	Server Key Exchange sigunature.
[in]	encrypted_public_key	encrypted public key.
[out]	encrypted_ephemeral_ecdh_public_key	encrypted Ephemeral ECDH public key.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1()

fsp_err_t R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1	(	uint32_t *	encrypted_public_key,
		sce_tls_p256_ecc_wrapped_key_t *	tls_p256_ecc_wrapped_key,
		uint32_t *	sce_pre_master_secret
	)

Generate encrypted pre-master secret.

Parameters

[in]	encrypted_public_key	encrypted public key
[in]	tls_p256_ecc_wrapped_key	P-256 ECC key index.
[out]	sce_pre_master_secret	encrypted pre-master secret value for SCE.

Return values

FSP_SUCCESS	Normal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICT	A resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAIL	An internal error occurred.

Note: The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

Functions

Detailed Description

Overview

HW Overview

Features

Configuration

Clock Configuration

Pin Configuration

Usage Notes

Getting Started: Creating a SCE Protected Mode Project

Reducing intialization time

Limitations

Usage of R_SCE_ECDSA_secp384r1_SignatureGenerate/Verify

SCE_USER_SHA_384_FUNCTION()

Examples

AES Example

ECC Example

RSA Example

HASH Example

Data Structures

Data Structure Documentation

◆ sce_instance_ctrl_t

Function Documentation

◆ R_SCE_RSASSA_PKCS1024_SignatureGenerate()

◆ R_SCE_RSASSA_PKCS1024_SignatureVerify()

◆ R_SCE_RSAES_PKCS1024_Encrypt()

◆ R_SCE_RSAES_PKCS1024_Decrypt()

◆ R_SCE_RSASSA_PKCS2048_SignatureGenerate()

◆ R_SCE_RSASSA_PKCS2048_SignatureVerify()

◆ R_SCE_RSASSA_PKCS3072_SignatureVerify()

◆ R_SCE_RSASSA_PKCS4096_SignatureVerify()

◆ R_SCE_RSAES_PKCS2048_Encrypt()

◆ R_SCE_RSAES_PKCS2048_Decrypt()

◆ R_SCE_RSAES_PKCS3072_Encrypt()

◆ R_SCE_RSAES_PKCS4096_Encrypt()

◆ R_SCE_SHA256_Init()

◆ R_SCE_SHA256_Update()

◆ R_SCE_SHA256_Final()

◆ R_SCE_SHA256HMAC_GenerateInit()

◆ R_SCE_SHA256HMAC_GenerateUpdate()

◆ R_SCE_SHA256HMAC_GenerateFinal()

◆ R_SCE_SHA256HMAC_VerifyInit()

◆ R_SCE_SHA256HMAC_VerifyUpdate()

◆ R_SCE_SHA256HMAC_VerifyFinal()

◆ R_SCE_Open()

◆ R_SCE_Close()

◆ R_SCE_SoftwareReset()

◆ R_SCE_RandomNumberGenerate()

◆ R_SCE_AES128_WrappedKeyGenerate()

◆ R_SCE_AES256_WrappedKeyGenerate()

◆ R_SCE_AES128_EncryptedKeyWrap()

◆ R_SCE_AES256_EncryptedKeyWrap()

◆ R_SCE_AES128_RFC3394KeyWrap()

◆ R_SCE_AES256_RFC3394KeyWrap()

◆ R_SCE_AES128_RFC3394KeyUnwrap()

◆ R_SCE_AES256_RFC3394KeyUnwrap()

◆ R_SCE_SHA256HMAC_EncryptedKeyWrap()

◆ R_SCE_RSA1024_WrappedKeyPairGenerate()

◆ R_SCE_RSA2048_WrappedKeyPairGenerate()

◆ R_SCE_RSA1024_EncryptedPublicKeyWrap()

◆ R_SCE_RSA1024_EncryptedPrivateKeyWrap()

◆ R_SCE_RSA2048_EncryptedPublicKeyWrap()

◆ R_SCE_RSA2048_EncryptedPrivateKeyWrap()

◆ R_SCE_RSA3072_EncryptedPublicKeyWrap()

◆ R_SCE_RSA4096_EncryptedPublicKeyWrap()

◆ R_SCE_ECC_secp192r1_WrappedKeyPairGenerate()

◆ R_SCE_ECC_secp224r1_WrappedKeyPairGenerate()

◆ R_SCE_ECC_secp256r1_WrappedKeyPairGenerate()

◆ R_SCE_ECC_secp384r1_WrappedKeyPairGenerate()

◆ R_SCE_ECC_secp192r1_EncryptedPublicKeyWrap()

◆ R_SCE_ECC_secp224r1_EncryptedPublicKeyWrap()

◆ R_SCE_ECC_secp256r1_EncryptedPublicKeyWrap()

◆ R_SCE_ECC_secp384r1_EncryptedPublicKeyWrap()

◆ R_SCE_ECC_secp192r1_EncryptedPrivateKeyWrap()

◆ R_SCE_ECC_secp224r1_EncryptedPrivateKeyWrap()

◆ R_SCE_ECC_secp256r1_EncryptedPrivateKeyWrap()

◆ R_SCE_ECC_secp384r1_EncryptedPrivateKeyWrap()

◆ R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall()

◆ R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate()

◆ R_SCE_ECDSA_secp192r1_SignatureGenerate()