RA Flexible Software Package Documentation  Release v5.7.0

 
SCE Protected Mode

Functions

fsp_err_t R_SCE_SHA256_Init (sce_sha_md5_handle_t *handle)
 
fsp_err_t R_SCE_SHA256_Update (sce_sha_md5_handle_t *handle, uint8_t *message, uint32_t message_length)
 
fsp_err_t R_SCE_SHA256_Final (sce_sha_md5_handle_t *handle, uint8_t *digest, uint32_t *digest_length)
 
fsp_err_t R_SCE_SHA256HMAC_GenerateInit (sce_hmac_sha_handle_t *handle, sce_hmac_sha_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_SHA256HMAC_GenerateUpdate (sce_hmac_sha_handle_t *handle, uint8_t *message, uint32_t message_length)
 
fsp_err_t R_SCE_SHA256HMAC_GenerateFinal (sce_hmac_sha_handle_t *handle, uint8_t *mac)
 
fsp_err_t R_SCE_SHA256HMAC_VerifyInit (sce_hmac_sha_handle_t *handle, sce_hmac_sha_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_SHA256HMAC_VerifyUpdate (sce_hmac_sha_handle_t *handle, uint8_t *message, uint32_t message_length)
 
fsp_err_t R_SCE_SHA256HMAC_VerifyFinal (sce_hmac_sha_handle_t *handle, uint8_t *mac, uint32_t mac_length)
 
fsp_err_t R_SCE_RSASSA_PKCS1024_SignatureGenerate (sce_rsa_byte_data_t *message_hash, sce_rsa_byte_data_t *signature, sce_rsa1024_private_wrapped_key_t *wrapped_key, uint8_t hash_type)
 
fsp_err_t R_SCE_RSASSA_PKCS1024_SignatureVerify (sce_rsa_byte_data_t *signature, sce_rsa_byte_data_t *message_hash, sce_rsa1024_public_wrapped_key_t *wrapped_key, uint8_t hash_type)
 
fsp_err_t R_SCE_RSAES_PKCS1024_Encrypt (sce_rsa_byte_data_t *plain, sce_rsa_byte_data_t *cipher, sce_rsa1024_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSAES_PKCS1024_Decrypt (sce_rsa_byte_data_t *cipher, sce_rsa_byte_data_t *plain, sce_rsa1024_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSASSA_PKCS2048_SignatureGenerate (sce_rsa_byte_data_t *message_hash, sce_rsa_byte_data_t *signature, sce_rsa2048_private_wrapped_key_t *wrapped_key, uint8_t hash_type)
 
fsp_err_t R_SCE_RSASSA_PKCS2048_SignatureVerify (sce_rsa_byte_data_t *signature, sce_rsa_byte_data_t *message_hash, sce_rsa2048_public_wrapped_key_t *wrapped_key, uint8_t hash_type)
 
fsp_err_t R_SCE_RSASSA_PKCS3072_SignatureVerify (sce_rsa_byte_data_t *signature, sce_rsa_byte_data_t *message_hash, sce_rsa3072_public_wrapped_key_t *wrapped_key, uint8_t hash_type)
 
fsp_err_t R_SCE_RSASSA_PKCS4096_SignatureVerify (sce_rsa_byte_data_t *signature, sce_rsa_byte_data_t *message_hash, sce_rsa4096_public_wrapped_key_t *wrapped_key, uint8_t hash_type)
 
fsp_err_t R_SCE_RSAES_PKCS2048_Encrypt (sce_rsa_byte_data_t *plain, sce_rsa_byte_data_t *cipher, sce_rsa2048_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSAES_PKCS2048_Decrypt (sce_rsa_byte_data_t *cipher, sce_rsa_byte_data_t *plain, sce_rsa2048_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSAES_PKCS3072_Encrypt (sce_rsa_byte_data_t *plain, sce_rsa_byte_data_t *cipher, sce_rsa3072_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSAES_PKCS4096_Encrypt (sce_rsa_byte_data_t *plain, sce_rsa_byte_data_t *cipher, sce_rsa4096_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_Open (sce_ctrl_t *const p_ctrl, sce_cfg_t const *const p_cfg)
 
fsp_err_t R_SCE_Close (sce_ctrl_t *const p_ctrl)
 
fsp_err_t R_SCE_SoftwareReset (void)
 
fsp_err_t R_SCE_RandomNumberGenerate (uint32_t *random)
 
fsp_err_t R_SCE_AES128_WrappedKeyGenerate (sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES256_WrappedKeyGenerate (sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES128_EncryptedKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES256_EncryptedKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES128_RFC3394KeyWrap (sce_aes_wrapped_key_t *master_key, uint32_t target_key_type, sce_aes_wrapped_key_t *target_key, uint32_t *rfc3394_wrapped_key)
 
fsp_err_t R_SCE_AES256_RFC3394KeyWrap (sce_aes_wrapped_key_t *master_key, uint32_t target_key_type, sce_aes_wrapped_key_t *target_key, uint32_t *rfc3394_wrapped_key)
 
fsp_err_t R_SCE_AES128_RFC3394KeyUnwrap (sce_aes_wrapped_key_t *master_key, uint32_t target_key_type, uint32_t *rfc3394_wrapped_key, sce_aes_wrapped_key_t *target_key)
 
fsp_err_t R_SCE_AES256_RFC3394KeyUnwrap (sce_aes_wrapped_key_t *master_key, uint32_t target_key_type, uint32_t *rfc3394_wrapped_key, sce_aes_wrapped_key_t *target_key)
 
fsp_err_t R_SCE_SHA256HMAC_EncryptedKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_hmac_sha_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSA1024_WrappedKeyPairGenerate (sce_rsa1024_wrapped_pair_key_t *wrapped_pair_key)
 
fsp_err_t R_SCE_RSA2048_WrappedKeyPairGenerate (sce_rsa2048_wrapped_pair_key_t *wrapped_pair_key)
 
fsp_err_t R_SCE_RSA1024_EncryptedPublicKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_rsa1024_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSA1024_EncryptedPrivateKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_rsa1024_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSA2048_EncryptedPublicKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_rsa2048_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSA2048_EncryptedPrivateKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_rsa2048_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSA3072_EncryptedPublicKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_rsa3072_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_RSA4096_EncryptedPublicKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_rsa4096_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECC_secp192r1_WrappedKeyPairGenerate (sce_ecc_wrapped_pair_key_t *wrapped_pair_key)
 
fsp_err_t R_SCE_ECC_secp224r1_WrappedKeyPairGenerate (sce_ecc_wrapped_pair_key_t *wrapped_pair_key)
 
fsp_err_t R_SCE_ECC_secp256r1_WrappedKeyPairGenerate (sce_ecc_wrapped_pair_key_t *wrapped_pair_key)
 
fsp_err_t R_SCE_ECC_secp384r1_WrappedKeyPairGenerate (sce_ecc_wrapped_pair_key_t *wrapped_pair_key)
 
fsp_err_t R_SCE_ECC_secp192r1_EncryptedPublicKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECC_secp224r1_EncryptedPublicKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECC_secp256r1_EncryptedPublicKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECC_secp384r1_EncryptedPublicKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECC_secp192r1_EncryptedPrivateKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_ecc_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECC_secp224r1_EncryptedPrivateKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_ecc_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECC_secp256r1_EncryptedPrivateKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_ecc_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECC_secp384r1_EncryptedPrivateKeyWrap (uint8_t *initial_vector, uint8_t *encrypted_key, sce_key_update_key_t *key_update_key, sce_ecc_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall (uint8_t *encrypted_provisioning_key, uint8_t *initial_vector, uint8_t *encrypted_key, sce_tls_ca_certification_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate (sce_tls_p256_ecc_wrapped_key_t *tls_p256_ecc_wrapped_key, uint8_t *ephemeral_ecdh_public_key)
 
fsp_err_t R_SCE_ECDSA_secp192r1_SignatureGenerate (sce_ecdsa_byte_data_t *message_hash, sce_ecdsa_byte_data_t *signature, sce_ecc_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDSA_secp224r1_SignatureGenerate (sce_ecdsa_byte_data_t *message_hash, sce_ecdsa_byte_data_t *signature, sce_ecc_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDSA_secp256r1_SignatureGenerate (sce_ecdsa_byte_data_t *message_hash, sce_ecdsa_byte_data_t *signature, sce_ecc_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDSA_secp384r1_SignatureGenerate (sce_ecdsa_byte_data_t *message_hash, sce_ecdsa_byte_data_t *signature, sce_ecc_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDSA_secp192r1_SignatureVerify (sce_ecdsa_byte_data_t *signature, sce_ecdsa_byte_data_t *message_hash, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDSA_secp224r1_SignatureVerify (sce_ecdsa_byte_data_t *signature, sce_ecdsa_byte_data_t *message_hash, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDSA_secp256r1_SignatureVerify (sce_ecdsa_byte_data_t *signature, sce_ecdsa_byte_data_t *message_hash, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDSA_secp384r1_SignatureVerify (sce_ecdsa_byte_data_t *signature, sce_ecdsa_byte_data_t *message_hash, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDH_secp256r1_Init (sce_ecdh_handle_t *handle, uint32_t key_type, uint32_t use_key_id)
 
fsp_err_t R_SCE_ECDH_secp256r1_PublicKeySign (sce_ecdh_handle_t *handle, sce_ecc_public_wrapped_key_t *ecc_public_wrapped_key, sce_ecc_private_wrapped_key_t *ecc_private_wrapped_key, uint8_t *public_key, sce_ecdsa_byte_data_t *signature, sce_ecc_private_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDH_secp256r1_PublicKeyVerify (sce_ecdh_handle_t *handle, sce_ecc_public_wrapped_key_t *ecc_public_wrapped_key, uint8_t *public_key_data, sce_ecdsa_byte_data_t *signature, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDH_secp256r1_PublicKeyReadWithoutSignature (sce_ecdh_handle_t *handle, uint8_t *public_key_data, sce_ecc_public_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_ECDH_secp256r1_SharedSecretCalculate (sce_ecdh_handle_t *handle, sce_ecc_public_wrapped_key_t *ecc_public_wrapped_key, sce_ecc_private_wrapped_key_t *ecc_private_wrapped_key, sce_ecdh_wrapped_key_t *shared_secret_wrapped_key)
 
fsp_err_t R_SCE_ECDH_secp256r1_KeyDerivation (sce_ecdh_handle_t *handle, sce_ecdh_wrapped_key_t *shared_secret_wrapped_key, uint32_t key_type, uint32_t kdf_type, uint8_t *other_info, uint32_t other_info_length, sce_hmac_sha_wrapped_key_t *salt_wrapped_key, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES128ECB_EncryptInit (sce_aes_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES128ECB_EncryptUpdate (sce_aes_handle_t *handle, uint8_t *plain, uint8_t *cipher, uint32_t plain_length)
 
fsp_err_t R_SCE_AES128ECB_EncryptFinal (sce_aes_handle_t *handle, uint8_t *cipher, uint32_t *cipher_length)
 
fsp_err_t R_SCE_AES128ECB_DecryptInit (sce_aes_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES128ECB_DecryptUpdate (sce_aes_handle_t *handle, uint8_t *cipher, uint8_t *plain, uint32_t cipher_length)
 
fsp_err_t R_SCE_AES128ECB_DecryptFinal (sce_aes_handle_t *handle, uint8_t *plain, uint32_t *plain_length)
 
fsp_err_t R_SCE_AES256ECB_EncryptInit (sce_aes_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES256ECB_EncryptUpdate (sce_aes_handle_t *handle, uint8_t *plain, uint8_t *cipher, uint32_t plain_length)
 
fsp_err_t R_SCE_AES256ECB_EncryptFinal (sce_aes_handle_t *handle, uint8_t *cipher, uint32_t *cipher_length)
 
fsp_err_t R_SCE_AES256ECB_DecryptInit (sce_aes_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES256ECB_DecryptUpdate (sce_aes_handle_t *handle, uint8_t *cipher, uint8_t *plain, uint32_t cipher_length)
 
fsp_err_t R_SCE_AES256ECB_DecryptFinal (sce_aes_handle_t *handle, uint8_t *plain, uint32_t *plain_length)
 
fsp_err_t R_SCE_AES128CBC_EncryptInit (sce_aes_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *initial_vector)
 
fsp_err_t R_SCE_AES128CBC_EncryptUpdate (sce_aes_handle_t *handle, uint8_t *plain, uint8_t *cipher, uint32_t plain_length)
 
fsp_err_t R_SCE_AES128CBC_EncryptFinal (sce_aes_handle_t *handle, uint8_t *cipher, uint32_t *cipher_length)
 
fsp_err_t R_SCE_AES128CBC_DecryptInit (sce_aes_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *initial_vector)
 
fsp_err_t R_SCE_AES128CBC_DecryptUpdate (sce_aes_handle_t *handle, uint8_t *cipher, uint8_t *plain, uint32_t cipher_length)
 
fsp_err_t R_SCE_AES128CBC_DecryptFinal (sce_aes_handle_t *handle, uint8_t *plain, uint32_t *plain_length)
 
fsp_err_t R_SCE_AES256CBC_EncryptInit (sce_aes_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *initial_vector)
 
fsp_err_t R_SCE_AES256CBC_EncryptUpdate (sce_aes_handle_t *handle, uint8_t *plain, uint8_t *cipher, uint32_t plain_length)
 
fsp_err_t R_SCE_AES256CBC_EncryptFinal (sce_aes_handle_t *handle, uint8_t *cipher, uint32_t *cipher_length)
 
fsp_err_t R_SCE_AES256CBC_DecryptInit (sce_aes_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *initial_vector)
 
fsp_err_t R_SCE_AES256CBC_DecryptUpdate (sce_aes_handle_t *handle, uint8_t *cipher, uint8_t *plain, uint32_t cipher_length)
 
fsp_err_t R_SCE_AES256CBC_DecryptFinal (sce_aes_handle_t *handle, uint8_t *plain, uint32_t *plain_length)
 
fsp_err_t R_SCE_AES128GCM_EncryptInit (sce_gcm_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *initial_vector, uint32_t initial_vector_length)
 
fsp_err_t R_SCE_AES128GCM_EncryptUpdate (sce_gcm_handle_t *handle, uint8_t *plain, uint8_t *cipher, uint32_t plain_data_length, uint8_t *aad, uint32_t aad_length)
 
fsp_err_t R_SCE_AES128GCM_EncryptFinal (sce_gcm_handle_t *handle, uint8_t *cipher, uint32_t *cipher_data_length, uint8_t *atag)
 
fsp_err_t R_SCE_AES128GCM_DecryptInit (sce_gcm_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *initial_vector, uint32_t initial_vector_length)
 
fsp_err_t R_SCE_AES128GCM_DecryptUpdate (sce_gcm_handle_t *handle, uint8_t *cipher, uint8_t *plain, uint32_t cipher_data_length, uint8_t *aad, uint32_t aad_length)
 
fsp_err_t R_SCE_AES128GCM_DecryptFinal (sce_gcm_handle_t *handle, uint8_t *plain, uint32_t *plain_data_length, uint8_t *atag, uint32_t atag_length)
 
fsp_err_t R_SCE_AES256GCM_EncryptInit (sce_gcm_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *initial_vector, uint32_t initial_vector_length)
 
fsp_err_t R_SCE_AES256GCM_EncryptUpdate (sce_gcm_handle_t *handle, uint8_t *plain, uint8_t *cipher, uint32_t plain_data_length, uint8_t *aad, uint32_t aad_length)
 
fsp_err_t R_SCE_AES256GCM_EncryptFinal (sce_gcm_handle_t *handle, uint8_t *cipher, uint32_t *cipher_data_length, uint8_t *atag)
 
fsp_err_t R_SCE_AES256GCM_DecryptInit (sce_gcm_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *initial_vector, uint32_t initial_vector_length)
 
fsp_err_t R_SCE_AES256GCM_DecryptUpdate (sce_gcm_handle_t *handle, uint8_t *cipher, uint8_t *plain, uint32_t cipher_data_length, uint8_t *aad, uint32_t aad_length)
 
fsp_err_t R_SCE_AES256GCM_DecryptFinal (sce_gcm_handle_t *handle, uint8_t *plain, uint32_t *plain_data_length, uint8_t *atag, uint32_t atag_length)
 
fsp_err_t R_SCE_AES128CCM_EncryptInit (sce_ccm_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *nonce, uint32_t nonce_length, uint8_t *adata, uint8_t a_length, uint32_t payload_length, uint32_t mac_length)
 
fsp_err_t R_SCE_AES128CCM_EncryptUpdate (sce_ccm_handle_t *handle, uint8_t *plain, uint8_t *cipher, uint32_t plain_length)
 
fsp_err_t R_SCE_AES128CCM_EncryptFinal (sce_ccm_handle_t *handle, uint8_t *cipher, uint32_t *cipher_length, uint8_t *mac, uint32_t mac_length)
 
fsp_err_t R_SCE_AES128CCM_DecryptInit (sce_ccm_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *nonce, uint32_t nonce_length, uint8_t *adata, uint8_t a_length, uint32_t payload_length, uint32_t mac_length)
 
fsp_err_t R_SCE_AES128CCM_DecryptUpdate (sce_ccm_handle_t *handle, uint8_t *cipher, uint8_t *plain, uint32_t cipher_length)
 
fsp_err_t R_SCE_AES128CCM_DecryptFinal (sce_ccm_handle_t *handle, uint8_t *plain, uint32_t *plain_length, uint8_t *mac, uint32_t mac_length)
 
fsp_err_t R_SCE_AES256CCM_EncryptInit (sce_ccm_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *nonce, uint32_t nonce_length, uint8_t *adata, uint8_t a_length, uint32_t payload_length, uint32_t mac_length)
 
fsp_err_t R_SCE_AES256CCM_EncryptUpdate (sce_ccm_handle_t *handle, uint8_t *plain, uint8_t *cipher, uint32_t plain_length)
 
fsp_err_t R_SCE_AES256CCM_EncryptFinal (sce_ccm_handle_t *handle, uint8_t *cipher, uint32_t *cipher_length, uint8_t *mac, uint32_t mac_length)
 
fsp_err_t R_SCE_AES256CCM_DecryptInit (sce_ccm_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key, uint8_t *nonce, uint32_t nonce_length, uint8_t *adata, uint8_t a_length, uint32_t payload_length, uint32_t mac_length)
 
fsp_err_t R_SCE_AES256CCM_DecryptUpdate (sce_ccm_handle_t *handle, uint8_t *cipher, uint8_t *plain, uint32_t cipher_length)
 
fsp_err_t R_SCE_AES256CCM_DecryptFinal (sce_ccm_handle_t *handle, uint8_t *plain, uint32_t *plain_length, uint8_t *mac, uint32_t mac_length)
 
fsp_err_t R_SCE_AES128CMAC_GenerateInit (sce_cmac_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES128CMAC_GenerateUpdate (sce_cmac_handle_t *handle, uint8_t *message, uint32_t message_length)
 
fsp_err_t R_SCE_AES128CMAC_GenerateFinal (sce_cmac_handle_t *handle, uint8_t *mac)
 
fsp_err_t R_SCE_AES128CMAC_VerifyInit (sce_cmac_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES128CMAC_VerifyUpdate (sce_cmac_handle_t *handle, uint8_t *message, uint32_t message_length)
 
fsp_err_t R_SCE_AES128CMAC_VerifyFinal (sce_cmac_handle_t *handle, uint8_t *mac, uint32_t mac_length)
 
fsp_err_t R_SCE_AES256CMAC_GenerateInit (sce_cmac_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES256CMAC_GenerateUpdate (sce_cmac_handle_t *handle, uint8_t *message, uint32_t message_length)
 
fsp_err_t R_SCE_AES256CMAC_GenerateFinal (sce_cmac_handle_t *handle, uint8_t *mac)
 
fsp_err_t R_SCE_AES256CMAC_VerifyInit (sce_cmac_handle_t *handle, sce_aes_wrapped_key_t *wrapped_key)
 
fsp_err_t R_SCE_AES256CMAC_VerifyUpdate (sce_cmac_handle_t *handle, uint8_t *message, uint32_t message_length)
 
fsp_err_t R_SCE_AES256CMAC_VerifyFinal (sce_cmac_handle_t *handle, uint8_t *mac, uint32_t mac_length)
 
fsp_err_t R_SCE_TLS_RootCertificateVerify (uint32_t public_key_type, uint8_t *certificate, uint32_t certificate_length, uint32_t public_key_n_start_position, uint32_t public_key_n_end_position, uint32_t public_key_e_start_position, uint32_t public_key_e_end_position, uint8_t *signature, uint32_t *encrypted_root_public_key)
 
fsp_err_t R_SCE_TLS_CertificateVerify (uint32_t public_key_type, uint32_t *encrypted_input_public_key, uint8_t *certificate, uint32_t certificate_length, uint8_t *signature, uint32_t public_key_n_start_position, uint32_t public_key_n_end_position, uint32_t public_key_e_start_position, uint32_t public_key_e_end_position, uint32_t *encrypted_output_public_key)
 
fsp_err_t R_SCE_TLS_PreMasterSecretGenerateForRSA2048 (uint32_t *sce_pre_master_secret)
 
fsp_err_t R_SCE_TLS_MasterSecretGenerate (uint32_t select_cipher_suite, uint32_t *sce_pre_master_secret, uint8_t *client_random, uint8_t *server_random, uint32_t *sce_master_secret)
 
fsp_err_t R_SCE_TLS_PreMasterSecretEncryptWithRSA2048 (uint32_t *encrypted_public_key, uint32_t *sce_pre_master_secret, uint8_t *encrypted_pre_master_secret)
 
fsp_err_t R_SCE_TLS_SessionKeyGenerate (uint32_t select_cipher_suite, uint32_t *sce_master_secret, uint8_t *client_random, uint8_t *server_random, uint8_t *nonce_explicit, sce_hmac_sha_wrapped_key_t *client_mac_wrapped_key, sce_hmac_sha_wrapped_key_t *server_mac_wrapped_key, sce_aes_wrapped_key_t *client_crypto_wrapped_key, sce_aes_wrapped_key_t *server_crypto_wrapped_key, uint8_t *client_initial_vector, uint8_t *server_initial_vector)
 
fsp_err_t R_SCE_TLS_VerifyDataGenerate (uint32_t select_verify_data, uint32_t *sce_master_secret, uint8_t *hand_shake_hash, uint8_t *verify_data)
 
fsp_err_t R_SCE_TLS_ServerKeyExchangeVerify (uint32_t public_key_type, uint8_t *client_random, uint8_t *server_random, uint8_t *server_ephemeral_ecdh_public_key, uint8_t *server_key_exchange_signature, uint32_t *encrypted_public_key, uint32_t *encrypted_ephemeral_ecdh_public_key)
 
fsp_err_t R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1 (uint32_t *encrypted_public_key, sce_tls_p256_ecc_wrapped_key_t *tls_p256_ecc_wrapped_key, uint32_t *sce_pre_master_secret)
 

Detailed Description

Driver for the Secure Crypto Engine (SCE9) on RA MCUs.

Overview

This module provides SCE functions in protected mode.

Note
For a detailed description of the different SCE9 operating modes, refer to Application Note R11AN0498.

HW Overview

Crypto Peripheral version Devices
SCE9 (Protected mode) RA4M2, RA4M3, RA6M4, RA6M5

Features

The SCE module supports for the following features.

Configuration

Clock Configuration

This module does not require a specific clock configuration.

Pin Configuration

This module does not use I/O pins.

Usage Notes

Getting Started: Creating a SCE Protected Mode Project

Start by creating a new project in e² studio or RASC. On the Stacks tab, add New > Security > SCE Protected Mode. For information on how to install and update secure keys, refer to the Application Note R11AN0496.

Reducing intialization time

The SCE intialization sequence can be modified to support a smaller subset of features and allow for a shorter intialization period. This is particularly useful in cases where startup time is important and the cryptographic features that are required are known in advance. The current fast boot configuration option supports the cryptographic primitives requried by MCUBoot including:

Limitations

Usage of R_SCE_ECDSA_secp384r1_SignatureGenerate/Verify

The SCE does not support SHA-384 in hardware, so the APIs listed below require the user to create a SHA-384 function for signature generation and verification. To use the APIs listed below, enable SCE_USER_SHA_384_ENABLED on RA Smart Configurator and prepare a function called SCE_USER_SHA_384_FUNCTION. The interface of SCE_USER_SHA_384_FUNCTION, which is called by the following APIs, is described below.

SCE_USER_SHA_384_FUNCTION()

uint32_t SCE_USER_SHA_384_FUNCTION(uint8_t *message, uint8_t* digest, uint32_t message_length)

SHA-384 hash calculation is performed for an area extending the number of bytes specified by the argument message_length from the address specified by the argument message. The calculation result should be stored at the address specified by the argument digest.

Parameters
message[in] Start address of message
digest[in,out] address for storing hash calculation result (48 bytes)
message_length[in] Effective byte count of message
Return values
0Hash value stored successfully.
othersStoring of hash value failed.

Examples

AES Example

This is an example of AES-256 encryption and decryption.

static uint8_t plain[BLOCK * 2] =
{
0x52, 0x65, 0x6e, 0x65, 0x73, 0x61, 0x73, 0x20, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x72, 0x6f, 0x6e,
0x69, 0x63, 0x73, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x00
};
void r_sce_example_aes ()
{
sce_aes_wrapped_key_t wrapped_key;
uint8_t cipher_calculated[32] = {0};
uint8_t plain_calculated[32] = {0};
uint32_t dummy;
/* SCE power on */
R_SCE_Open(&sce_ctrl, &sce_cfg);
/* Generate a random key */
/* Encrypt a plain text */
R_SCE_AES256ECB_EncryptInit(&handle, &wrapped_key);
R_SCE_AES256ECB_EncryptUpdate(&handle, plain, cipher_calculated, BLOCK * 2);
R_SCE_AES256ECB_EncryptFinal(&handle, cipher_calculated, &dummy);
/* Decrypt a cipher text using same key as Encryption */
R_SCE_AES256ECB_DecryptInit(&handle, &wrapped_key);
R_SCE_AES256ECB_DecryptUpdate(&handle, cipher_calculated, plain_calculated, BLOCK * 2);
R_SCE_AES256ECB_DecryptFinal(&handle, plain_calculated, &dummy);
/* SCE power off */
R_SCE_Close(&sce_ctrl);
/* Compare plain and plain_calculated */
if (memcmp(plain, plain_calculated, BLOCK * 2))
{
while (1)
{
/* plain and plain_calculated are different (incorrect) */
}
}
else
{
while (1)
{
/* plain and plain_calculated are the same (correct) */
}
}
}

ECC Example

This is an example of ECC secp-256 signature generate and verify.

uint8_t ecc256_data_msg[] =
{
's', 'a', 'm', 'p', 'l', 'e'
};
void r_sce_example_ecc ()
{
sce_ecc_wrapped_pair_key_t wrapped_pair_key;
sce_ecdsa_byte_data_t message_hash =
{
0
};
uint8_t out_data[HW_SCE_ECDSA_DATA_BYTE_SIZE];
fsp_err_t return_code;
message_hash.data_length = sizeof(ecc256_data_msg);
message_hash.pdata = (uint8_t *) ecc256_data_msg;
signature.pdata = out_data;
/* SCE power on */
R_SCE_Open(&sce_ctrl, &sce_cfg);
/* Generate a random pair key */
/* Generate a Signature */
R_SCE_ECDSA_secp256r1_SignatureGenerate(&message_hash, &signature, &wrapped_pair_key.priv_key);
/* Verify Signature and Public wrapped key */
return_code = R_SCE_ECDSA_secp256r1_SignatureVerify(&signature, &message_hash, &wrapped_pair_key.pub_key);
/* SCE power off */
R_SCE_Close(&sce_ctrl);
if (FSP_SUCCESS != return_code)
{
while (1)
{
/* Verify Fail */
}
}
else
{
while (1)
{
/* Verify Success */
}
}
}

RSA Example

This is an example of RSA-2048 encryption and decryption.

uint8_t rsa_msg[256] =
{
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
};
void r_sce_example_rsa () {
uint8_t enc_cipher[HW_SCE_RSA_2048_DATA_BYTE_SIZE];
uint8_t dec_plain[HW_SCE_RSA_2048_DATA_BYTE_SIZE];
plain.data_length = sizeof(rsa_msg) - PADDING_MINIMUM_BYTE_SIZE;
plain.pdata = (uint8_t *) rsa_msg;
plain_dec.data_length = sizeof(dec_plain);
plain_dec.pdata = dec_plain;
cipher.data_length = sizeof(enc_cipher);
cipher.pdata = enc_cipher;
/* SCE power on */
R_SCE_Open(&sce_ctrl, &sce_cfg);
/* Generate a random key */
/* Encrypt a plain data */
R_SCE_RSAES_PKCS2048_Encrypt(&plain, &cipher, &wrapped_pair_key.pub_key);
/* Decrypt a plain data */
R_SCE_RSAES_PKCS2048_Decrypt(&cipher, &plain_dec, &wrapped_pair_key.priv_key);
/* SCE power off */
R_SCE_Close(&sce_ctrl);
/* Compare plain_dec and plain */
if (0 != memcmp(plain_dec.pdata, plain.pdata, plain_dec.data_length))
{
while (1)
{
/* plain_dec and plain are different (incorrect) */
}
}
else
{
while (1)
{
/* plain_dec and plain are the same (correct) */
}
}
}

HASH Example

This is an example of calculating the SHA256 hash.

uint8_t message[] =
{
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
};
uint8_t hash[] =
{
0x63, 0x0d, 0xcd, 0x29, 0x66, 0xc4, 0x33, 0x66, 0x91, 0x12, 0x54, 0x48, 0xbb, 0xb2, 0x5b, 0x4f,
0xf4, 0x12, 0xa4, 0x9c, 0x73, 0x2d, 0xb2, 0xc8, 0xab, 0xc1, 0xb8, 0x58, 0x1b, 0xd7, 0x10, 0xdd
};
void r_sce_example_hash ()
{
uint8_t digest[HW_SCE_SHA256_HASH_LENGTH_BYTE_SIZE] = {0};
uint32_t digest_length = 0;
/* SCE power on */
R_SCE_Open(&sce_ctrl, &sce_cfg);
/* Encrypt a message text */
R_SCE_SHA256_Update(&handle, &message, HW_SCE_SHA256_HASH_LENGTH_BYTE_SIZE);
R_SCE_SHA256_Final(&handle, &digest, &digest_length);
/* SCE power off */
R_SCE_Close(&sce_ctrl);
/* Compare digest and hash */
if (0 != memcmp(digest, hash, digest_length))
{
while (1)
{
/* digest and hash are different (incorrect) */
}
}
else
{
while (1)
{
/* digest and hash are the same (correct) */
}
}
}

Data Structures

struct  sce_instance_ctrl_t
 

Data Structure Documentation

◆ sce_instance_ctrl_t

struct sce_instance_ctrl_t

SCE private control block. DO NOT MODIFY. Initialization occurs when R_SCE_Open() is called.

Function Documentation

◆ R_SCE_SHA256_Init()

fsp_err_t R_SCE_SHA256_Init ( sce_sha_md5_handle_t handle)

The R_SCE_SHA256_Init() function performs preparations for the execution of an SHA-256 hash calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_SHA256_Update() function and R_SCE_SHA256_Final() function.

Parameters
[in,out]handleSHA handler (work area)
Return values
FSP_SUCCESSNormal termination
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256_Update()

fsp_err_t R_SCE_SHA256_Update ( sce_sha_md5_handle_t handle,
uint8_t *  message,
uint32_t  message_length 
)

The R_SCE_SHA256_Update() function calculates a hash value based on the second argument, message, and the third argument, message_length, and writes the ongoing status to the first argument, handle. After message input is completed, call R_SCE_SHA256_Final().

Parameters
[in,out]handleSHA handler (work area)
[in]messagemessage data area
[in]message_lengthmessage data length
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256_Final()

fsp_err_t R_SCE_SHA256_Final ( sce_sha_md5_handle_t handle,
uint8_t *  digest,
uint32_t *  digest_length 
)

Using the handle specified in the first argument, handle, the R_SCE_SHA256_Final() function writes the calculation result to the second argument, digest, and writes the length of the calculation result to the third argument, digest_length.

Parameters
[in,out]handleSHA handler (work area)
[in,out]digesthasha data area
[in,out]digest_lengthhash data length (32bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_GenerateInit()

fsp_err_t R_SCE_SHA256HMAC_GenerateInit ( sce_hmac_sha_handle_t handle,
sce_hmac_sha_wrapped_key_t wrapped_key 
)

The R_SCE_SHA256HMAC_GenerateInit() function uses the second argument wrapped_key to prepare for execution of SHA256-HMAC calculation, then writes the result to the first argument handle. The argument handle is used by the subsequent R_SCE_SHA256HMAC_GenerateUpdate() function or R_SCE_SHA256HMAC_GenerateFinal() function.

Parameters
[in,out]handleSHA-HMAC handler (work area)
[in]wrapped_keyMAC wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILAn invalid MAC wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_GenerateUpdate()

fsp_err_t R_SCE_SHA256HMAC_GenerateUpdate ( sce_hmac_sha_handle_t handle,
uint8_t *  message,
uint32_t  message_length 
)

The R_SCE_SHA256HMAC_GenerateUpdate() function uses the handle specified by the first argument handle, calculates a hash value from the second argument message and third argument message_length, then writes the intermediate result to the first argument handle. After message input finishes, call the R_SCE_SHA256HMAC_GenerateFinal() function.

Parameters
[in,out]handleSHA-HMAC handle (work area)
[in]messageMessage area
[in]message_lengthMessage length
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_GenerateFinal()

fsp_err_t R_SCE_SHA256HMAC_GenerateFinal ( sce_hmac_sha_handle_t handle,
uint8_t *  mac 
)

The R_SCE_SHA256HMAC_GenerateFinal() function uses the handle specified by the first argument handle and writes the calculation result to the second argument mac.

Parameters
[in,out]handleSHA-HMAC handle (work area)
[in,out]macHMAC area (32 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_VerifyInit()

fsp_err_t R_SCE_SHA256HMAC_VerifyInit ( sce_hmac_sha_handle_t handle,
sce_hmac_sha_wrapped_key_t wrapped_key 
)

The R_SCE_SHA256HMAC_VerifyInit() function uses the second argument wrapped_key to prepare for execution of SHA256-HMAC calculation, then writes the result to the first argument handle. The argument handle is used by the subsequent R_SCE_SHA256HMAC_VerifyUpdate() function or R_SCE_SHA256HMAC_VerifyFinal() function.

Parameters
[in,out]handleSHA-HMAC handler (work area)
[in]wrapped_keyMAC wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILAn invalid MAC wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_VerifyUpdate()

fsp_err_t R_SCE_SHA256HMAC_VerifyUpdate ( sce_hmac_sha_handle_t handle,
uint8_t *  message,
uint32_t  message_length 
)

The R_SCE_SHA256HMAC_VerifyUpdate() function uses the handle specified by the first argument handle, calculates a hash value from the second argument message and third argument message_length, then writes the intermediate result to the first argument handle. After message input finishes, call the R_SCE_SHA256HMAC_VerifyFinal() function.

Parameters
[in,out]handleSHA-HMAC handle (work area)
[in]messageMessage area
[in]message_lengthMessage length
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_SHA256HMAC_VerifyFinal()

fsp_err_t R_SCE_SHA256HMAC_VerifyFinal ( sce_hmac_sha_handle_t handle,
uint8_t *  mac,
uint32_t  mac_length 
)

The R_SCE_SHA256HMAC_VerifyFinal() function uses the handle specified by the first argument handle and verifies the mac value from the second argument mac and third argument mac_length. Input a value in bytes from 4 to 32 as mac_length.

Parameters
[in,out]handleSHA-HMAC handle (work area)
[in]macHMAC area
[in]mac_lengthHMAC length
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS1024_SignatureGenerate()

fsp_err_t R_SCE_RSASSA_PKCS1024_SignatureGenerate ( sce_rsa_byte_data_t message_hash,
sce_rsa_byte_data_t signature,
sce_rsa1024_private_wrapped_key_t wrapped_key,
uint8_t  hash_type 
)

The R_SCE_RSASSA_PKCS1024_SignatureGenerate() function generates, in accordance with RSASSA-PKCS1-V1_5, a signature from the message text or hash value that is input in the first argument, message_hash, using the private wrapped key input to the third argument, wrapped_key, and writes the signature text to the second argument, signature. When a message is specified in the first argument, message_hash->data_type, a hash value is calculated for the message as specified by the fourth argument, hash_type. When specifying a hash value in the first argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters
[in]message_hashMessage or hash value to which to attach signature
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]signatureSignature text storage destination information
  • signature->pdata : Specifies pointer to array storing the signature text
  • signature->data_length : data length
[in]wrapped_keyInputs the 1024-bit RSA private wrapped key.
[in]hash_typeOnly HW_SCE_RSA_HASH_SHA256 is supported
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS1024_SignatureVerify()

fsp_err_t R_SCE_RSASSA_PKCS1024_SignatureVerify ( sce_rsa_byte_data_t signature,
sce_rsa_byte_data_t message_hash,
sce_rsa1024_public_wrapped_key_t wrapped_key,
uint8_t  hash_type 
)

The R_SCE_RSASSA_PKCS1024_SignatureVerify() function verifies, in accordance with RSASSA-PKCS1-V1_5, the signature text input to the first argument signature, and the message text or hash value input to the second argument, message_hash, using the public wrapped key input to the third argument, wrapped_key. When a message is specified in the second argument, message_hash->data_type, a hash value is calculated using the public wrapped key input to the third argument, wrapped_key, and as specified by the fourth argument, hash_type. When specifying a hash value in the second argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters
[in]signatureSignature text information to verify
  • signature->pdata : Specifies pointer to array storing the signature text
  • signature->data_length : Specifies effective data length of the array
[in]message_hashMessage text or hash value to verify
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]wrapped_keyInputs the 1024-bit RSA public wrapped key.
[in]hash_typeOnly HW_SCE_RSA_HASH_SHA256 is supported
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONAuthentication failed
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS1024_Encrypt()

fsp_err_t R_SCE_RSAES_PKCS1024_Encrypt ( sce_rsa_byte_data_t plain,
sce_rsa_byte_data_t cipher,
sce_rsa1024_public_wrapped_key_t wrapped_key 
)

The R_SCE_RSAES_PKCS1024_Encrypt() function RSA-encrypts the plaintext input to the first argument, plain, according to RSAES-PKCS1-V1_5. It writes the encryption result to the second argument, cipher.

Parameters
[in]plainplaintext
  • plain->pdata : Specifies pointer to array containing plaintext.
  • plain->data_length : Specifies valid data length of plaintext array. data size <= public key n size - 11
[in,out]cipherciphertext
  • cipher->pdata : Specifies pointer to array containing ciphertext.
  • cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in]wrapped_keyInputs the 1024-bit RSA public wrapped key.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILIncorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS1024_Decrypt()

fsp_err_t R_SCE_RSAES_PKCS1024_Decrypt ( sce_rsa_byte_data_t cipher,
sce_rsa_byte_data_t plain,
sce_rsa1024_private_wrapped_key_t wrapped_key 
)

The R_SCE_RSAES_PKCS1024_Decrypt() function RSA-decrypts the ciphertext input to the first argument, cipher, according to RSAES-PKCS1-V1_5. It writes the decryption result to the second argument, plain.

Parameters
[in]cipherciphertext
  • cipher->pdata : Specifies pointer to array containing ciphertext.
  • cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in,out]plainplaintext
  • plain->pdata : Specifies pointer to array containing plaintext.
  • plain->data_length : Inputs plaintext buffer size. The following size is required. Plaintext buffer size >= public key n size -11. Outputs valid data length after decryption (public key n size).
[in]wrapped_keyInputs the 1024-bit RSA private wrapped key.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILIncorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS2048_SignatureGenerate()

fsp_err_t R_SCE_RSASSA_PKCS2048_SignatureGenerate ( sce_rsa_byte_data_t message_hash,
sce_rsa_byte_data_t signature,
sce_rsa2048_private_wrapped_key_t wrapped_key,
uint8_t  hash_type 
)

The R_SCE_RSASSA_PKCS2048_SignatureGenerate() function generates, in accordance with RSASSA-PKCS1-V1_5, a signature from the message text or hash value that is input in the first argument, message_hash, using the private wrapped key input to the third argument, wrapped_key, and writes the signature text to the second argument, signature. When a message is specified in the first argument, message_hash->data_type, a hash value is calculated for the message as specified by the fourth argument, hash_type. When specifying a hash value in the first argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters
[in]message_hashMessage or hash value to which to attach signature
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]signatureSignature text storage destination information
  • signature->pdata : Specifies pointer to array storing the signature text
  • signature->data_length : data length
[in]wrapped_keyInputs the 2048-bit RSA private wrapped key.
[in]hash_typeOnly HW_SCE_RSA_HASH_SHA256 is supported
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS2048_SignatureVerify()

fsp_err_t R_SCE_RSASSA_PKCS2048_SignatureVerify ( sce_rsa_byte_data_t signature,
sce_rsa_byte_data_t message_hash,
sce_rsa2048_public_wrapped_key_t wrapped_key,
uint8_t  hash_type 
)

The R_SCE_RSASSA_PKCS2048_SignatureVerify() function verifies, in accordance with RSASSA-PKCS1-V1_5, the signature text input to the first argument signature, and the message text or hash value input to the second argument, message_hash, using the public wrapped key input to the third argument, wrapped_key. When a message is specified in the second argument, message_hash->data_type, a hash value is calculated using the public wrapped key input to the third argument, wrapped_key, and as specified by the fourth argument, hash_type. When specifying a hash value in the second argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters
[in]signatureSignature text information to verify
  • signature->pdata : Specifies pointer to array storing the signature text
  • signature->data_length : Specifies effective data length of the array
[in]message_hashMessage text or hash value to verify
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]wrapped_keyInputs the 1024-bit RSA public wrapped key.
[in]hash_typeOnly HW_SCE_RSA_HASH_SHA256 is supported
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONAuthentication failed
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS3072_SignatureVerify()

fsp_err_t R_SCE_RSASSA_PKCS3072_SignatureVerify ( sce_rsa_byte_data_t signature,
sce_rsa_byte_data_t message_hash,
sce_rsa3072_public_wrapped_key_t wrapped_key,
uint8_t  hash_type 
)

The R_SCE_RSASSA_PKCS3072_SignatureVerify() function verifies, in accordance with RSASSA-PKCS1-V1_5, the signature text input to the first argument signature, and the message text or hash value input to the second argument, message_hash, using the public wrapped key input to the third argument, wrapped_key. When a message is specified in the second argument, message_hash->data_type, a hash value is calculated using the public wrapped key input to the third argument, wrapped_key, and as specified by the fourth argument, hash_type. When specifying a hash value in the second argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters
[in]signatureSignature text information to verify
  • signature->pdata : Specifies pointer to array storing the signature text
  • signature->data_length : Specifies effective data length of the array
[in]message_hashMessage text or hash value to verify
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]wrapped_keyInputs the 3072-bit RSA public wrapped key.
[in]hash_typeOnly HW_SCE_RSA_HASH_SHA256 is supported
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONAuthentication failed
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSASSA_PKCS4096_SignatureVerify()

fsp_err_t R_SCE_RSASSA_PKCS4096_SignatureVerify ( sce_rsa_byte_data_t signature,
sce_rsa_byte_data_t message_hash,
sce_rsa4096_public_wrapped_key_t wrapped_key,
uint8_t  hash_type 
)

The R_SCE_RSASSA_PKCS4096_SignatureVerify() function verifies, in accordance with RSASSA-PKCS1-V1_5, the signature text input to the first argument signature, and the message text or hash value input to the second argument, message_hash, using the public wrapped key input to the third argument, wrapped_key. When a message is specified in the second argument, message_hash->data_type, a hash value is calculated using the public wrapped key input to the third argument, wrapped_key, and as specified by the fourth argument, hash_type. When specifying a hash value in the second argument, message_hash->data_type, a hash value calculated with a hash algorithm as specified by the fourth argument, hash_type, must be input to message_hash->pdata.

Parameters
[in]signatureSignature text information to verify
  • signature->pdata : Specifies pointer to array storing the signature text
  • signature->data_length : Specifies effective data length of the array
[in]message_hashMessage text or hash value to verify
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]wrapped_keyInputs the 1024-bit RSA public wrapped key.
[in]hash_typeOnly HW_SCE_RSA_HASH_SHA256 is supported
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONAuthentication failed
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS2048_Encrypt()

fsp_err_t R_SCE_RSAES_PKCS2048_Encrypt ( sce_rsa_byte_data_t plain,
sce_rsa_byte_data_t cipher,
sce_rsa2048_public_wrapped_key_t wrapped_key 
)

The R_SCE_RSAES_PKCS2048_Encrypt() function RSA-encrypts the plaintext input to the first argument, plain, according to RSAES-PKCS1-V1_5. It writes the encryption result to the second argument, cipher.

Parameters
[in]plainplaintext
  • plain->pdata : Specifies pointer to array containing plaintext.
  • plain->data_length : Specifies valid data length of plaintext array. data size <= public key n size - 11
[in,out]cipherciphertext
  • cipher->pdata : Specifies pointer to array containing ciphertext.
  • cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in]wrapped_keyInputs the 2048-bit RSA public wrapped key.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILIncorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS2048_Decrypt()

fsp_err_t R_SCE_RSAES_PKCS2048_Decrypt ( sce_rsa_byte_data_t cipher,
sce_rsa_byte_data_t plain,
sce_rsa2048_private_wrapped_key_t wrapped_key 
)

The R_SCE_RSAES_PKCS2048_Decrypt() function RSA-decrypts the ciphertext input to the first argument, cipher, according to RSAES-PKCS1-V1_5. It writes the decryption result to the second argument, plain.

Parameters
[in]cipherciphertext
  • cipher->pdata : Specifies pointer to array containing ciphertext.
  • cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in,out]plainplaintext
  • plain->pdata : Specifies pointer to array containing plaintext.
  • plain->data_length : Inputs plaintext buffer size. The following size is required. Plaintext buffer size >= public key n size -11. Outputs valid data length after decryption (public key n size).
[in]wrapped_keyInputs the 1024-bit RSA private wrapped key.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILIncorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS3072_Encrypt()

fsp_err_t R_SCE_RSAES_PKCS3072_Encrypt ( sce_rsa_byte_data_t plain,
sce_rsa_byte_data_t cipher,
sce_rsa3072_public_wrapped_key_t wrapped_key 
)

The R_SCE_RSAES_PKCS3072_Encrypt() function RSA-encrypts the plaintext input to the first argument, plain, according to RSAES-PKCS1-V1_5. It writes the encryption result to the second argument, cipher.

Parameters
[in]plainplaintext
  • plain->pdata : Specifies pointer to array containing plaintext.
  • plain->data_length : Specifies valid data length of plaintext array. data size <= public key n size - 11
[in,out]cipherciphertext
  • cipher->pdata : Specifies pointer to array containing ciphertext.
  • cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in]wrapped_keyInputs the 3072-bit RSA public wrapped key.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILIncorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSAES_PKCS4096_Encrypt()

fsp_err_t R_SCE_RSAES_PKCS4096_Encrypt ( sce_rsa_byte_data_t plain,
sce_rsa_byte_data_t cipher,
sce_rsa4096_public_wrapped_key_t wrapped_key 
)

The R_SCE_RSAES_PKCS4096_Encrypt() function RSA-encrypts the plaintext input to the first argument, plain, according to RSAES-PKCS1-V1_5. It writes the encryption result to the second argument, cipher.

Parameters
[in]plainplaintext
  • plain->pdata : Specifies pointer to array containing plaintext.
  • plain->data_length : Specifies valid data length of plaintext array. data size <= public key n size - 11
[in,out]cipherciphertext
  • cipher->pdata : Specifies pointer to array containing ciphertext.
  • cipher->data_length : Inputs ciphertext buffer size. Outputs valid data length after encryption (public key n size).
[in]wrapped_keyInputs the 4096-bit RSA public wrapped key.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILIncorrect wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_Open()

fsp_err_t R_SCE_Open ( sce_ctrl_t *const  p_ctrl,
sce_cfg_t const *const  p_cfg 
)

Enables use of SCE functionality.

Parameters
[in]p_ctrlPointer to control structure.
[in]p_cfgPointer to pin configuration structure.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILThe error-detection self-test failed to terminate normally.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_RETRYIndicates that an entropy evaluation failure occurred. Run the function again.
Returns
See Common Error Codes or functions called by this function for other possible return codes.
Note
The valid pre-run state is SCE disabled. The pre-run state is SCE Disabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_Close()

fsp_err_t R_SCE_Close ( sce_ctrl_t *const  p_ctrl)

Stops supply of power to the SCE.

Parameters
[in]p_ctrlPointer to control structure.
Return values
FSP_SUCCESSNormal termination
Note
The pre-run state is any state. After the function runs the state transitions to SCE Disabled State.

◆ R_SCE_SoftwareReset()

fsp_err_t R_SCE_SoftwareReset ( void  )

Software reset to SCE.

Reverts the state to the SCE initial state.

Return values
FSP_SUCCESSNormal termination
Note
The pre-run state is any state. After the function runs the state transitions to SCE Disabled State.

◆ R_SCE_RandomNumberGenerate()

fsp_err_t R_SCE_RandomNumberGenerate ( uint32_t *  random)

This API can generate 4 words random number.

Parameters
[in,out]randomStores 4words (16 bytes) random data.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128_WrappedKeyGenerate()

fsp_err_t R_SCE_AES128_WrappedKeyGenerate ( sce_aes_wrapped_key_t wrapped_key)

This API outputs 128-bit AES wrapped key from a random number.

This API generates a wrapped key from a random number in the SCE. Accordingly, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.

Parameters
[in,out]wrapped_key128-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Disabled State.

◆ R_SCE_AES256_WrappedKeyGenerate()

fsp_err_t R_SCE_AES256_WrappedKeyGenerate ( sce_aes_wrapped_key_t wrapped_key)

This API outputs 256-bit AES wrapped key from a random number.

This API generates a wrapped key from a random number in the SCE. Accordingly, user key input is unnecessary. By encrypting data using the wrapped key is output by this API, dead copying of data can be prevented.

Parameters
[in,out]wrapped_key256-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Disabled State.

◆ R_SCE_AES128_EncryptedKeyWrap()

fsp_err_t R_SCE_AES128_EncryptedKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_aes_wrapped_key_t wrapped_key 
)

This API wraps 128-bit AES key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_key128-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256_EncryptedKeyWrap()

fsp_err_t R_SCE_AES256_EncryptedKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_aes_wrapped_key_t wrapped_key 
)

This API wraps 256-bit AES key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_key256-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128_RFC3394KeyWrap()

fsp_err_t R_SCE_AES128_RFC3394KeyWrap ( sce_aes_wrapped_key_t master_key,
uint32_t  target_key_type,
sce_aes_wrapped_key_t target_key,
uint32_t *  rfc3394_wrapped_key 
)

This API wraps 128-bit AES key within the user routine.

Parameters
[in]master_keyAES-128 key used for wrapping.
[in]target_key_typeSelects key to be wrapped.
[in]target_keyKey to be wrapped.
[out]rfc3394_wrapped_keyWrapped key.
Return values
FSP_SUCCESSNormal termination.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTResource conflict.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal user Key Generation Information.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.

◆ R_SCE_AES256_RFC3394KeyWrap()

fsp_err_t R_SCE_AES256_RFC3394KeyWrap ( sce_aes_wrapped_key_t master_key,
uint32_t  target_key_type,
sce_aes_wrapped_key_t target_key,
uint32_t *  rfc3394_wrapped_key 
)

This API wraps 256-bit AES key within the user routine.

Parameters
[in]master_keyAES-256 key used for wrapping.
[in]target_key_typeSelects key to be wrapped.
[in]target_keyKey to be wrapped.
[out]rfc3394_wrapped_keyWrapped key.
Return values
FSP_SUCCESSNormal termination.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTResource conflict.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal user Key Generation Information.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.

◆ R_SCE_AES128_RFC3394KeyUnwrap()

fsp_err_t R_SCE_AES128_RFC3394KeyUnwrap ( sce_aes_wrapped_key_t master_key,
uint32_t  target_key_type,
uint32_t *  rfc3394_wrapped_key,
sce_aes_wrapped_key_t target_key 
)

This API unwraps 128-bit AES key within the user routine.

Parameters
[in]master_keyAES-128 key used for unwrapping.
[in]target_key_typeSelects key to be unwrapped.
[in]rfc3394_wrapped_keyWrapped key.
[out]target_keyKey to be unwrapped.
Return values
FSP_SUCCESSNormal termination.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTResource conflict.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal user Key Generation Information.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.

◆ R_SCE_AES256_RFC3394KeyUnwrap()

fsp_err_t R_SCE_AES256_RFC3394KeyUnwrap ( sce_aes_wrapped_key_t master_key,
uint32_t  target_key_type,
uint32_t *  rfc3394_wrapped_key,
sce_aes_wrapped_key_t target_key 
)

This API unwraps 256-bit AES key within the user routine.

Parameters
[in]master_keyAES-256 key used for unwrapping.
[in]target_key_typeSelects key to be unwrapped.
[in]rfc3394_wrapped_keyWrapped key.
[out]target_keyKey to be unwrapped.
Return values
FSP_SUCCESSNormal termination.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTResource conflict.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal user Key Generation Information.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.

◆ R_SCE_SHA256HMAC_EncryptedKeyWrap()

fsp_err_t R_SCE_SHA256HMAC_EncryptedKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_hmac_sha_wrapped_key_t wrapped_key 
)

This API wraps HMAC-SHA256 key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_keyHMAC-SHA256 wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA1024_WrappedKeyPairGenerate()

fsp_err_t R_SCE_RSA1024_WrappedKeyPairGenerate ( sce_rsa1024_wrapped_pair_key_t wrapped_pair_key)

This API outputs a wrapped key pair for a 1024-bit RSA public key and private key pair. These keys are generated from a random value produced internally by the SCE. Consequently, there is no need to input a user key. Dead copying of data can be prevented by encrypting the data using the wrapped key output by this API. A public wrapped key is generated by wrapped_pair_key->pub_key, and a private wrapped key is generated by wrapped_pair_key->priv_key. As the public key exponent, only 0x00010001 is generated.

Parameters
[in,out]wrapped_pair_keyUser key index for RSA 1024-bit public key and private key pair
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred. Key generation failed.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA2048_WrappedKeyPairGenerate()

fsp_err_t R_SCE_RSA2048_WrappedKeyPairGenerate ( sce_rsa2048_wrapped_pair_key_t wrapped_pair_key)

This API outputs a wrapped key pair for a 2048-bit RSA public key and private key pair. These keys are generated from a random value produced internally by the SCE. Consequently, there is no need to input a user key. Dead copying of data can be prevented by encrypting the data using the wrapped key output by this API. A public wrapped key is generated by wrapped_pair_key->pub_key, and a private wrapped key is generated by wrapped_pair_key->priv_key. As the public key exponent, only 0x00010001 is generated.

Parameters
[in,out]wrapped_pair_keyUser key index for RSA 2048-bit public key and private key pair
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred. Key generation failed.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA1024_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_RSA1024_EncryptedPublicKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_rsa1024_public_wrapped_key_t wrapped_key 
)

This API wraps 1024-bit RSA public key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_key1024-bit RSA public wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA1024_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_RSA1024_EncryptedPrivateKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_rsa1024_private_wrapped_key_t wrapped_key 
)

This API wraps 1024-bit RSA private key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_key1024-bit RSA private wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA2048_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_RSA2048_EncryptedPublicKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_rsa2048_public_wrapped_key_t wrapped_key 
)

This API wraps 2048-bit RSA public key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_key1024-bit RSA public wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA2048_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_RSA2048_EncryptedPrivateKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_rsa2048_private_wrapped_key_t wrapped_key 
)

This API wraps 2048-bit RSA private key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_key2048-bit RSA private wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA3072_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_RSA3072_EncryptedPublicKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_rsa3072_public_wrapped_key_t wrapped_key 
)

This API wraps 3072-bit RSA public key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_key3072-bit RSA public wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_RSA4096_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_RSA4096_EncryptedPublicKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_rsa4096_public_wrapped_key_t wrapped_key 
)

This API wraps 4096-bit RSA public key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_key1024-bit RSA public wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp192r1_WrappedKeyPairGenerate()

fsp_err_t R_SCE_ECC_secp192r1_WrappedKeyPairGenerate ( sce_ecc_wrapped_pair_key_t wrapped_pair_key)

This is an API for outputting a wrapped key pair for secp192r1 public key and private key pair. These keys are generated from a random number value internally within the SCE. There is therefore no need to input user keys. It is possible to prevent dead copying of data by using the wrapped key output by this API to encrypt the data. The public key index is generated in wrapped_pair_key->pub_key, and the private key index is generated in wrapped_pair_key->priv_key.

Parameters
[in,out]wrapped_pair_keyWrapped pair key for secp192r1 public key and private key pair
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp224r1_WrappedKeyPairGenerate()

fsp_err_t R_SCE_ECC_secp224r1_WrappedKeyPairGenerate ( sce_ecc_wrapped_pair_key_t wrapped_pair_key)

This is an API for outputting a wrapped key pair for secp224r1 public key and private key pair. These keys are generated from a random number value internally within the SCE. There is therefore no need to input user keys. It is possible to prevent dead copying of data by using the wrapped key output by this API to encrypt the data. The public key index is generated in wrapped_pair_key->pub_key, and the private key index is generated in wrapped_pair_key->priv_key.

Parameters
[in,out]wrapped_pair_keyWrapped pair key for secp224r1 public key and private key pair
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp256r1_WrappedKeyPairGenerate()

fsp_err_t R_SCE_ECC_secp256r1_WrappedKeyPairGenerate ( sce_ecc_wrapped_pair_key_t wrapped_pair_key)

This is an API for outputting a wrapped key pair for secp256r1 public key and private key pair. These keys are generated from a random number value internally within the SCE. There is therefore no need to input user keys. It is possible to prevent dead copying of data by using the wrapped key output by this API to encrypt the data. The public key index is generated in wrapped_pair_key->pub_key, and the private key index is generated in wrapped_pair_key->priv_key.

Parameters
[in,out]wrapped_pair_keyWrapped pair key for secp256r1 public key and private key pair
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp384r1_WrappedKeyPairGenerate()

fsp_err_t R_SCE_ECC_secp384r1_WrappedKeyPairGenerate ( sce_ecc_wrapped_pair_key_t wrapped_pair_key)

This is an API for outputting a wrapped key pair for secp384r1 public key and private key pair. These keys are generated from a random number value internally within the SCE. There is therefore no need to input user keys. It is possible to prevent dead copying of data by using the wrapped key output by this API to encrypt the data. The public key index is generated in wrapped_pair_key->pub_key, and the private key index is generated in wrapped_pair_key->priv_key.

Parameters
[in,out]wrapped_pair_keyWrapped pair key for secp384r1 public key and private key pair
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp192r1_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_ECC_secp192r1_EncryptedPublicKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_ecc_public_wrapped_key_t wrapped_key 
)

This API wraps secp192r1 public key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_keysecp192r1 public wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp224r1_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_ECC_secp224r1_EncryptedPublicKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_ecc_public_wrapped_key_t wrapped_key 
)

This API wraps secp224r1 public key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_keysecp224r1 public wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp256r1_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_ECC_secp256r1_EncryptedPublicKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_ecc_public_wrapped_key_t wrapped_key 
)

This API wraps secp256r1 public key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_keysecp256r1 public wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp384r1_EncryptedPublicKeyWrap()

fsp_err_t R_SCE_ECC_secp384r1_EncryptedPublicKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_ecc_public_wrapped_key_t wrapped_key 
)

This API wraps secp384r1 public key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_keysecp384r1 public wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp192r1_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_ECC_secp192r1_EncryptedPrivateKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_ecc_private_wrapped_key_t wrapped_key 
)

This API wraps secp192r1 private key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_keysecp192r1 private wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp224r1_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_ECC_secp224r1_EncryptedPrivateKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_ecc_private_wrapped_key_t wrapped_key 
)

This API wraps secp224r1 private key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_keysecp224r1 private wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp256r1_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_ECC_secp256r1_EncryptedPrivateKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_ecc_private_wrapped_key_t wrapped_key 
)

This API wraps secp256r1 private key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_keysecp256r1 private wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECC_secp384r1_EncryptedPrivateKeyWrap()

fsp_err_t R_SCE_ECC_secp384r1_EncryptedPrivateKeyWrap ( uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_key_update_key_t key_update_key,
sce_ecc_private_wrapped_key_t wrapped_key 
)

This API wraps secp384r1 private key within the user routine.

Parameters
[in]initial_vectorInitialization vector when generating encrypted_key
[in]encrypted_keyUser key encryptedand MAC appended
[in]key_update_keyKey update keyring
[in,out]wrapped_keysecp384r1 private wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall()

fsp_err_t R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall ( uint8_t *  encrypted_provisioning_key,
uint8_t *  initial_vector,
uint8_t *  encrypted_key,
sce_tls_ca_certification_public_wrapped_key_t *  wrapped_key 
)

Generate TLS RSA Public key index data

Parameters
[in]encrypted_provisioning_keythe provisioning key includes encrypted CBC/CBC-MAC key for user key
[in]initial_vectorthe initial_vector for user key CBC encrypt
[in]encrypted_keythe user key encrypted with AES128-ECB mode
[out]wrapped_keythe user Key Generation Information (141 words) of RSA2048 bit
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate()

fsp_err_t R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate ( sce_tls_p256_ecc_wrapped_key_t *  tls_p256_ecc_wrapped_key,
uint8_t *  ephemeral_ecdh_public_key 
)

Generate TLS ECC key pair

Parameters
[in]tls_p256_ecc_wrapped_keyP256 ECC key index for TLS
[in]ephemeral_ecdh_public_keyephemeral ECDH public key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp192r1_SignatureGenerate()

fsp_err_t R_SCE_ECDSA_secp192r1_SignatureGenerate ( sce_ecdsa_byte_data_t message_hash,
sce_ecdsa_byte_data_t signature,
sce_ecc_private_wrapped_key_t wrapped_key 
)

When a message is specified in the first argument, message_hash->data_type, a SHA-256 hash of the message text input as the first argument, message_hash->pdata, is calculated, and the signature text is written to the second argument, signature, in accordance with secp192r1 using the private wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the first argument, message_hash->data_type, the signature text for the first 24 bytes of the SHA-256 hash value input to the first argument, message_hash->pdata, is written to the second argument, signature, in accordance with secp192r1 using the private wrapped key input as the third argument, wrapped_key.

Parameters
[in]message_hashMessage or hash value to which to attach signature
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]signatureSignature text storage destination information
  • signature->pdata : Specifies pointer to array storing signature text The signature format is "0 padding (64 bits) || signature r (192 bits) || 0 padding (64 bits) || signature s (192 bits)".
  • signature->data_length : Data length (byte units)
[in]wrapped_keyInput wrapped key of secp192r1 private key.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp224r1_SignatureGenerate()

fsp_err_t R_SCE_ECDSA_secp224r1_SignatureGenerate ( sce_ecdsa_byte_data_t message_hash,
sce_ecdsa_byte_data_t signature,
sce_ecc_private_wrapped_key_t wrapped_key 
)

When a message is specified in the first argument, message_hash->data_type, a SHA-256 hash of the message text input as the first argument, message_hash->pdata, is calculated, and the signature text is written to the second argument, signature, in accordance with secp224r1 using the private wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the first argument, message_hash->data_type, the signature text for the first 28 bytes of the SHA-256 hash value input to the first argument, message_hash->pdata, is written to the second argument, signature, in accordance with secp224r1 using the private wrapped key input as the third argument, wrapped_key.

Parameters
[in]message_hashMessage or hash value to which to attach signature
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]signatureSignature text storage destination information
  • signature->pdata : Specifies pointer to array storing signature text The signature format is "0 padding (32 bits) || signature r (224 bits) || 0 padding (32 bits) || signature s (224 bits)".
  • signature->data_length : Data length (byte units)
[in]wrapped_keyInput wrapped key of secp224r1 private key.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp256r1_SignatureGenerate()

fsp_err_t R_SCE_ECDSA_secp256r1_SignatureGenerate ( sce_ecdsa_byte_data_t message_hash,
sce_ecdsa_byte_data_t signature,
sce_ecc_private_wrapped_key_t wrapped_key 
)

When a message is specified in the first argument, message_hash->data_type, a SHA-256 hash of the message text input as the first argument, message_hash->pdata, is calculated, and the signature text is written to the second argument, signature, in accordance with secp256r1 using the private wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the first argument, message_hash->data_type, the signature text for the first 32 bytes of the SHA-256 hash value input to the first argument, message_hash->pdata, is written to the second argument, signature, in accordance with secp256r1 using the private wrapped key input as the third argument, wrapped_key.

Parameters
[in]message_hashMessage or hash value to which to attach signature
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]signatureSignature text storage destination information
  • signature->pdata : Specifies pointer to array storing signature text The signature format is "signature r (256 bits) || signature s (256 bits)".
  • signature->data_length : Data length (byte units)
[in]wrapped_keyInput wrapped key of secp256r1 private key.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp384r1_SignatureGenerate()

fsp_err_t R_SCE_ECDSA_secp384r1_SignatureGenerate ( sce_ecdsa_byte_data_t message_hash,
sce_ecdsa_byte_data_t signature,
sce_ecc_private_wrapped_key_t wrapped_key 
)

When a message is specified in the first argument, message_hash->data_type, a SHA-384 hash of the message text input as the first argument, message_hash->pdata, is calculated, and the signature text is written to the second argument, signature, in accordance with secp384r1 using the private wrapped key input as the third argument, wrapped_key.

To use message input, prepare a user-defined function for SHA384.

When a hash value is specified in the first argument, message_hash->data_type, the signature text for the first 48 bytes of the SHA-384 hash value input to the first argument, message_hash->pdata, is written to the second argument, signature, in accordance with secp384r1 using the private wrapped key input as the third argument, wrapped_key.

Parameters
[in]message_hashMessage or hash value to which to attach signature
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in,out]signatureSignature text storage destination information
  • signature->pdata : Specifies pointer to array storing signature text The signature format is "signature r (384 bits) || signature s (384 bits)".
  • signature->data_length : Data length (byte units)
[in]wrapped_keyInput wrapped key of secp384r1 private key.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp192r1_SignatureVerify()

fsp_err_t R_SCE_ECDSA_secp192r1_SignatureVerify ( sce_ecdsa_byte_data_t signature,
sce_ecdsa_byte_data_t message_hash,
sce_ecc_public_wrapped_key_t wrapped_key 
)

When a message is specified in the second argument, message_hash->data_type, a SHA-256 hash of the message text input as the second argument, message_hash->pdata, is calculated, and the signature text input to the first argument, signature, is validated in accordance with secp192r1 using the public wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the second argument, message_hash->data_type, the signature text for the first 24 bytes of the SHA-256 hash value input to the second argument, message_hash->pdata, input to the first argument, signature, is validated in accordance with secp192r1 using the public wrapped key input as the third argument, wrapped_key.

Parameters
[in]signatureSignature text information to be verified
  • signature->pdata : Specifies pointer to array storing signature text The signature format is "0 padding (64 bits) || signature r (192 bits) || 0 padding (64 bits) || signature s (192 bits)".
  • signature->data_length : Specifies the data length (byte units) (nonuse)
[in,out]message_hashMessage or hash value to be verified
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]wrapped_keyInput wrapped key of secp192r1 public key.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp224r1_SignatureVerify()

fsp_err_t R_SCE_ECDSA_secp224r1_SignatureVerify ( sce_ecdsa_byte_data_t signature,
sce_ecdsa_byte_data_t message_hash,
sce_ecc_public_wrapped_key_t wrapped_key 
)

When a message is specified in the second argument, message_hash->data_type, a SHA-256 hash of the message text input as the second argument, message_hash->pdata, is calculated, and the signature text input to the first argument, signature, is validated in accordance with secp224r1 using the public wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the second argument, message_hash->data_type, the signature text for the first 28 bytes of the SHA-256 hash value input to the second argument, message_hash->pdata, input to the first argument, signature, is validated in accordance with secp224r1 using the public wrapped key input as the third argument, wrapped_key.

Parameters
[in]signatureSignature text information to be verified
  • signature->pdata : Specifies pointer to array storing signature text The signature format is "0 padding (32 bits) || signature r (224 bits) || 0 padding (32 bits) || signature s (224 bits)".
  • signature->data_length : Specifies the data length (byte units) (nonuse)
[in,out]message_hashMessage or hash value to be verified
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]wrapped_keyInput wrapped key of secp224r1 public key.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp256r1_SignatureVerify()

fsp_err_t R_SCE_ECDSA_secp256r1_SignatureVerify ( sce_ecdsa_byte_data_t signature,
sce_ecdsa_byte_data_t message_hash,
sce_ecc_public_wrapped_key_t wrapped_key 
)

When a message is specified in the second argument, message_hash->data_type, a SHA-256 hash of the message text input as the second argument, message_hash->pdata, is calculated, and the signature text input to the first argument, signature, is validated in accordance with secp256r1 using the public wrapped key input as the third argument, wrapped_key.

When a hash value is specified in the second argument, message_hash->data_type, the signature text for the first 32 bytes of the SHA-256 hash value input to the second argument, message_hash->pdata, input to the first argument, signature, is validated in accordance with secp256r1 using the public wrapped key input as the third argument, wrapped_key.

Parameters
[in]signatureSignature text information to be verified
  • signature->pdata : Specifies pointer to array storing signature text The signature format is "signature r (256 bits) || signature s (256 bits)".
  • signature->data_length : Specifies the data length (byte units) (nonuse)
[in,out]message_hashMessage or hash value to be verified
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]wrapped_keyInput wrapped key of secp256r1 public key.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDSA_secp384r1_SignatureVerify()

fsp_err_t R_SCE_ECDSA_secp384r1_SignatureVerify ( sce_ecdsa_byte_data_t signature,
sce_ecdsa_byte_data_t message_hash,
sce_ecc_public_wrapped_key_t wrapped_key 
)

When a message is specified in the second argument, message_hash->data_type, a SHA-256 hash of the message text input as the second argument, message_hash->pdata, is calculated, and the signature text input to the first argument, signature, is validated in accordance with secp384r1 using the public wrapped key input as the third argument, wrapped_key.

To use message input, prepare a user-defined function for SHA384.

When a hash value is specified in the second argument, message_hash->data_type, the signature text for the first 48 bytes of the SHA-256 hash value input to the second argument, message_hash->pdata, input to the first argument, signature, is validated in accordance with secp384r1 using the public wrapped key input as the third argument, wrapped_key.

Parameters
[in]signatureSignature text information to be verified
  • signature->pdata : Specifies pointer to array storing signature text The signature format is "signature r (384 bits) || signature s (384 bits)".
  • signature->data_length : Specifies the data length (byte units) (nonuse)
[in,out]message_hashMessage or hash value to be verified
  • message_hash->pdata : Specifies pointer to array storing the message or hash value
  • message_hash->data_length : Specifies effective data length of the array (Specify only when Message is selected)
  • message_hash->data_type : Selects the data type of message_hash (Message: 0 Hash value: 1)
[in]wrapped_keyInput wrapped key of secp384r1 public key.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_Init()

fsp_err_t R_SCE_ECDH_secp256r1_Init ( sce_ecdh_handle_t handle,
uint32_t  key_type,
uint32_t  use_key_id 
)

The R_SCE_ECDH_secp256r1_Init() function prepares to perform ECDH key exchange computation and writes the result to the first argument, handle. The succeeding functions R_SCE_ECDH_secp256r1_PublicKeySign(), R_SCE_ECDH_secp256r1_PublicKeyVerify(), R_SCE_ECDH_secp256r1_SharedSecretCalculate(), and R_SCE_ECDH_secp256r1_KeyDerivation() use handle as an argument.

Use the second argument, key_type, to select the type of ECDH key exchange. When ECDHE is selected, the R_SCE_ECDH_secp256r1_PublicKeySign() function uses the SCE's random number generation functionality to generate an secp256r1 key pair. When ECDH is selected, keys installed beforehand are used for key exchange.

Input 1 as the third argument, use_key_id, to use key_id when key exchange is performed. key_id is for applications conforming to the DLMS/COSEM standard for smart meters.

Parameters
[in,out]handleECDH handler (work area)
[in]key_typeKey exchange type (0: ECDHE, 1: ECDH, 2:ECDH(AES-GCM-128 with IV))
[in]use_key_id0: key_id not used, 1: key_id used
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is invalid.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_PublicKeySign()

fsp_err_t R_SCE_ECDH_secp256r1_PublicKeySign ( sce_ecdh_handle_t handle,
sce_ecc_public_wrapped_key_t ecc_public_wrapped_key,
sce_ecc_private_wrapped_key_t ecc_private_wrapped_key,
uint8_t *  public_key,
sce_ecdsa_byte_data_t signature,
sce_ecc_private_wrapped_key_t wrapped_key 
)

The R_SCE_ECDH_secp256r1_PublicKeySign() function calculates a signature for a public key user wrapped key used for ECDH key exchange.

If ECDHE is specified by the key_type argument of the R_SCE_ECDH_secp256r1_Init() function, the SCE's random number generation functionality is used to generate an secp256r1 key pair. The public key is output to public_key and the private key is output to wrapped_key.

If ECDH is specified by the key_type argument of the R_SCE_ECDH_secp256r1_Init() function, the public key input as ecc_public_wrapped_key is output to public_key and nothing is output to wrapped_key.

The succeeding function R_SCE_ECDH_secp256r1_SharedSecretCalculate() uses the first argument, handle, as an argument. R_SCE_ECDH_secp256r1_SharedSecretCalculate() function uses wrapped_key as input to calculate Z.

Parameters
[in,out]handleECDH handler (work area) When using key_id, input handle->key_id after running R_SCE_ECDH_secp256r1_Init().
[in]ecc_public_wrapped_keyFor ECDHE, input a null pointer. For ECDH, input the wrapped key of a secp256r1 public key.
[in]ecc_private_wrapped_keysecp256r1 private key for signature generation
[in,out]public_keyUser secp256r1 public key (512-bit) for key exchange. When using key_id, key_id (8-bit) || public key (512-bit) || 0 padding (24-bit)
[in,out]signatureSignature text storage destination information
  • signature->pdata : Specifies pointer to array storing signature text. The signature format is "signature r (256 bits) || signature s (256 bits)"
  • signature->data_length : Data length (in byte units)
[in,out]wrapped_keyFor ECDHE, a private wrapped key generated from a random number. Not output for ECDH.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_PublicKeyVerify()

fsp_err_t R_SCE_ECDH_secp256r1_PublicKeyVerify ( sce_ecdh_handle_t handle,
sce_ecc_public_wrapped_key_t ecc_public_wrapped_key,
uint8_t *  public_key_data,
sce_ecdsa_byte_data_t signature,
sce_ecc_public_wrapped_key_t wrapped_key 
)

The R_SCE_ECDH_secp256r1_PublicKeyVerify() function verifies the signature of the secp256r1 public key of the other ECDH key exchange party. If the signature is correct, it outputs the public wrapped key to the fifth argument. The first argument, handle, is used as an argument in the subsequent function R_SCE_ECDH_secp256r1_SharedSecretCalculate(). R_SCE_ECDH_secp256r1_SharedSecretCalculate() uses wrapped_key as input to calculate Z.

Parameters
[in,out]handleECDH handler (work area)
[in]ecc_public_wrapped_keyPublic wrapped key area for signature verification
[in]public_key_datasecp256r1 public key (512-bit). When key_id is used: key_id (8-bit) || public key (512-bit)
[in]signatureECDSA secp256r1 signature of ecc_public_wrapped_key
[in,out]wrapped_keywrapped key of ecc_public_wrapped_key
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred or signature verification failed.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_PublicKeyReadWithoutSignature()

fsp_err_t R_SCE_ECDH_secp256r1_PublicKeyReadWithoutSignature ( sce_ecdh_handle_t handle,
uint8_t *  public_key_data,
sce_ecc_public_wrapped_key_t wrapped_key 
)

The R_SCE_ECDH_secp256r1_PublicKeyReadWithoutSignature() function reads the secp256r1 public key of the other ECDH key exchange party and outputs the public wrapped key to the third argument. The first argument, handle, is used as an argument in the subsequent function R_SCE_ECDH_secp256r1_SharedSecretCalculate(). R_SCE_ECDH_secp256r1_SharedSecretCalculate() uses wrapped_key as input to calculate Z. This API does not verify signature of public_key_data, please protect this data by upper layer software.

Parameters
[in,out]handleECDH handler (work area)
[in]public_key_datasecp256r1 public key (512-bit). When key_id is used: key_id (8-bit) || public key (512-bit)
[in,out]wrapped_keywrapped key of public_key_data
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.
Please note that this is slightly contrary to the protected mode policy as it omits signature verification.

◆ R_SCE_ECDH_secp256r1_SharedSecretCalculate()

fsp_err_t R_SCE_ECDH_secp256r1_SharedSecretCalculate ( sce_ecdh_handle_t handle,
sce_ecc_public_wrapped_key_t ecc_public_wrapped_key,
sce_ecc_private_wrapped_key_t ecc_private_wrapped_key,
sce_ecdh_wrapped_key_t shared_secret_wrapped_key 
)

The R_SCE_ECDH_secp256r1_SharedSecretCalculate() function uses the ECDH key exchange algorithm to output the wrapped key of the shared secret Z derived from the public key of the other key exchange party and your own private key. Input as the second argument, ecc_public_wrapped_key, the public wrapped key whose signature was verified by R_SCE_ECDH_secp256r1_PublicKeyVerify(). When key_type of R_SCE_ECDH_secp256r1_Init() is 0, input as the third argument, ecc_private_wrapped_key, the private wrapped key generated from a random number by R_SCE_ECDH_secp256r1_PublicKeySign(), and when key_type is other than 0, input the private wrapped key that forms a pair with the second argument of R_SCE_ECDH_secp256r1_PublicKeySign(). The subsequent R_SCE_ECDH_secp256r1_KeyDerivation() function uses shared_secret_wrapped_key as key material for outputting the wrapped key.

Parameters
[in,out]handleECDH handler (work area)
[in]ecc_public_wrapped_keyPublic wrapped key whose signature was verified by R_SCE_ECDH_secp256r1_PublicKeyVerify()
[in]ecc_private_wrapped_keyPrivate wrapped key
[in,out]shared_secret_wrapped_keyWrapped key of shared secret Z calculated by ECDH key exchange
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_ECDH_secp256r1_KeyDerivation()

fsp_err_t R_SCE_ECDH_secp256r1_KeyDerivation ( sce_ecdh_handle_t handle,
sce_ecdh_wrapped_key_t shared_secret_wrapped_key,
uint32_t  key_type,
uint32_t  kdf_type,
uint8_t *  other_info,
uint32_t  other_info_length,
sce_hmac_sha_wrapped_key_t salt_wrapped_key,
sce_aes_wrapped_key_t wrapped_key 
)

The R_SCE_ECDH_secp256r1_KeyDerivation() function uses the shared secret "Z (shared_secret_index)" calculated by the R_SCE_ECDH_secp256r1_SharedSecretCalculate() function as the key material to derive the wrapped key specified by the third argument, key_type. The key derivation algorithm is one-step key derivation as defined in NIST SP800-56C. Either SHA-256 or SHA-256 HMAC is specified by the fourth argument, kdf_type. When SHA-256 HMAC is specified, the wrapped key output by the R_SCE_SHA256HMAC_EncryptedKeyWrap() function is specified as the seventh argument, salt_wrapped_key. Enter a fixed value for deriving a key shared with the key exchange partner in the fifth argument, other_info. A wrapped key corresponding to key_type is output as the eighth argument, wrapped_key. The correspondences between the types of derived wrapped_key and the functions with which they can be used as listed below.

Parameters
[in,out]handleECDH handler (work area)
[in]shared_secret_wrapped_keyZ wrapped key calculated by R_SCE_ECDH_secp256r1_SharedSecretCalculate
[in]key_typeDerived key type (0: AES-128, 1: AES-256, 2:SHA256-HMAC, 3: AES-GCM-128 with IV)
[in]kdf_typeAlgorithm used for key derivation calculation (0: SHA-256, 1:SHA256-HMAC)
[in]other_infoAdditional data used for key derivation calculation: AlgorithmID || PartyUInfo || PartyVInfo
[in]other_info_lengthData length of other_info (up to 147 byte units)
[in]salt_wrapped_keySalt wrapped key (Input NULL when kdf_type is 0.)
[in,out]wrapped_keyWrapped key corresponding to key_type. When the value of key_type is 2, an SHA256-HMAC wrapped key is output. wrapped_key can be specified by casting the start address of the area reserved beforehand by the sce_hmac_sha_wrapped_key_t type with the (sce_aes_wrapped_key_t*) type.
Return values
FSP_SUCCESSNormal end
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource required by the processing is in use by other processing.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_EncryptInit()

fsp_err_t R_SCE_AES128ECB_EncryptInit ( sce_aes_handle_t handle,
sce_aes_wrapped_key_t wrapped_key 
)

The R_SCE_AES128ECB_EncryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128ECB_EncryptUpdate() function and R_SCE_AES128ECB_EncryptFinal() function.

Parameters
[in,out]handleAES handler (work area)
[in]wrapped_key128-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_EncryptUpdate()

fsp_err_t R_SCE_AES128ECB_EncryptUpdate ( sce_aes_handle_t handle,
uint8_t *  plain,
uint8_t *  cipher,
uint32_t  plain_length 
)

The R_SCE_AES128ECB_EncryptUpdate() function encrypts the second argument, plain, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the encryption result to the third argument, cipher. After plaintext input is completed, call R_SCE_AES128ECB_EncryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES handler (work area)
[in]plainplaintext data area
[in,out]cipherciphertext data area
[in,out]plain_lengthplaintext data length (must be a multiple of 16)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_EncryptFinal()

fsp_err_t R_SCE_AES128ECB_EncryptFinal ( sce_aes_handle_t handle,
uint8_t *  cipher,
uint32_t *  cipher_length 
)

Using the handle specified in the first argument, handle, the R_SCE_AES128ECB_EncryptFinal() function writes the calculation result to the second argument, cipher, and writes the length of the calculation result to the third argument, cipher_length. The original intent was for a portion of the encryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to cipher, and 0 is always written to cipher_length. The arguments cipher and cipher_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters
[in,out]handleAES handler (work area)
[in,out]cipherciphertext data area (nothing ever written here)
[in,out]cipher_lengthciphertext data length (0 always written here)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_DecryptInit()

fsp_err_t R_SCE_AES128ECB_DecryptInit ( sce_aes_handle_t handle,
sce_aes_wrapped_key_t wrapped_key 
)

The R_SCE_AES128ECB_DecryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128ECB_DecryptUpdate() function and R_SCE_AES128ECB_DecryptFinal() function.

Parameters
[in,out]handleAES handler (work area)
[in]wrapped_key128-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_DecryptUpdate()

fsp_err_t R_SCE_AES128ECB_DecryptUpdate ( sce_aes_handle_t handle,
uint8_t *  cipher,
uint8_t *  plain,
uint32_t  cipher_length 
)

The R_SCE_AES128ECB_DecryptUpdate() function decrypts the second argument, cipher, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the decryption result to the third argument, plain. After plaintext input is completed, call R_SCE_AES128ECB_DecryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES handler (work area)
[in]cipherciphertext data area
[in,out]plainplaintext data area
[in,out]cipher_lengthciphertext data length (must be a multiple of 16)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128ECB_DecryptFinal()

fsp_err_t R_SCE_AES128ECB_DecryptFinal ( sce_aes_handle_t handle,
uint8_t *  plain,
uint32_t *  plain_length 
)

Using the handle specified in the first argument, handle, the R_SCE_AES128ECB_DecryptFinal() function writes the calculation result to the second argument, plain, and writes the length of the calculation result to the third argument, plain_length. The original intent was for a portion of the decryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to plain, and 0 is always written to plain_length. The arguments plain and plain_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters
[in,out]handleAES handler (work area)
[in,out]plainplaintext data area (nothing ever written here)
[in,out]plain_lengthplaintext data length (0 always written here)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_EncryptInit()

fsp_err_t R_SCE_AES256ECB_EncryptInit ( sce_aes_handle_t handle,
sce_aes_wrapped_key_t wrapped_key 
)

The R_SCE_AES256ECB_EncryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256ECB_EncryptUpdate() function and R_SCE_AES256ECB_EncryptFinal() function.

Parameters
[in,out]handleAES handler (work area)
[in]wrapped_key128-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_EncryptUpdate()

fsp_err_t R_SCE_AES256ECB_EncryptUpdate ( sce_aes_handle_t handle,
uint8_t *  plain,
uint8_t *  cipher,
uint32_t  plain_length 
)

The R_SCE_AES256ECB_EncryptUpdate() function encrypts the second argument, plain, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the encryption result to the third argument, cipher. After plaintext input is completed, call R_SCE_AES256ECB_EncryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES handler (work area)
[in]plainplaintext data area
[in,out]cipherciphertext data area
[in,out]plain_lengthplaintext data length (must be a multiple of 16)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_EncryptFinal()

fsp_err_t R_SCE_AES256ECB_EncryptFinal ( sce_aes_handle_t handle,
uint8_t *  cipher,
uint32_t *  cipher_length 
)

Using the handle specified in the first argument, handle, the R_SCE_AES256ECB_EncryptFinal() function writes the calculation result to the second argument, cipher, and writes the length of the calculation result to the third argument, cipher_length. The original intent was for a portion of the encryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to cipher, and 0 is always written to cipher_length. The arguments cipher and cipher_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters
[in,out]handleAES handler (work area)
[in,out]cipherciphertext data area (nothing ever written here)
[in,out]cipher_lengthciphertext data length (0 always written here)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_DecryptInit()

fsp_err_t R_SCE_AES256ECB_DecryptInit ( sce_aes_handle_t handle,
sce_aes_wrapped_key_t wrapped_key 
)

The R_SCE_AES128ECB_DecryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128ECB_DecryptUpdate() function and R_SCE_AES128ECB_DecryptFinal() function.

Parameters
[in,out]handleAES handler (work area)
[in]wrapped_key128-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_DecryptUpdate()

fsp_err_t R_SCE_AES256ECB_DecryptUpdate ( sce_aes_handle_t handle,
uint8_t *  cipher,
uint8_t *  plain,
uint32_t  cipher_length 
)

The R_SCE_AES256ECB_DecryptUpdate() function decrypts the second argument, cipher, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the decryption result to the third argument, plain. After plaintext input is completed, call R_SCE_AES256ECB_DecryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES handler (work area)
[in]cipherciphertext data area
[in,out]plainplaintext data area
[in,out]cipher_lengthciphertext data length (must be a multiple of 16)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256ECB_DecryptFinal()

fsp_err_t R_SCE_AES256ECB_DecryptFinal ( sce_aes_handle_t handle,
uint8_t *  plain,
uint32_t *  plain_length 
)

Using the handle specified in the first argument, handle, the R_SCE_AES256ECB_DecryptFinal() function writes the calculation result to the second argument, plain, and writes the length of the calculation result to the third argument, plain_length. The original intent was for a portion of the decryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to plain, and 0 is always written to plain_length. The arguments plain and plain_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters
[in,out]handleAES handler (work area)
[in,out]plainplaintext data area (nothing ever written here)
[in,out]plain_lengthplaintext data length (0 always written here)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_EncryptInit()

fsp_err_t R_SCE_AES128CBC_EncryptInit ( sce_aes_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  initial_vector 
)

The R_SCE_AES128CBC_EncryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128CBC_EncryptUpdate() function and R_SCE_AES128CBC_EncryptFinal() function.

Parameters
[in,out]handleAES handler (work area)
[in]wrapped_key128-bit AES wrapped key
[in]initial_vectorinitialization vector area (16byte)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_EncryptUpdate()

fsp_err_t R_SCE_AES128CBC_EncryptUpdate ( sce_aes_handle_t handle,
uint8_t *  plain,
uint8_t *  cipher,
uint32_t  plain_length 
)

The R_SCE_AES128CBC_EncryptUpdate() function encrypts the second argument, plain, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the encryption result to the third argument, cipher. After plaintext input is completed, call R_SCE_AES128CBC_EncryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES handler (work area)
[in]plainplaintext data area
[in,out]cipherciphertext data area
[in,out]plain_lengthplaintext data length (must be a multiple of 16)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_EncryptFinal()

fsp_err_t R_SCE_AES128CBC_EncryptFinal ( sce_aes_handle_t handle,
uint8_t *  cipher,
uint32_t *  cipher_length 
)

Using the handle specified in the first argument, handle, the R_SCE_AES128CBC_EncryptFinal() function writes the calculation result to the second argument, cipher, and writes the length of the calculation result to the third argument, cipher_length. The original intent was for a portion of the encryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to cipher, and 0 is always written to cipher_length. The arguments cipher and cipher_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters
[in,out]handleAES handler (work area)
[in,out]cipherciphertext data area (nothing ever written here)
[in,out]cipher_lengthciphertext data length (0 always written here)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_DecryptInit()

fsp_err_t R_SCE_AES128CBC_DecryptInit ( sce_aes_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  initial_vector 
)

The R_SCE_AES128CBC_DecryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128CBC_DecryptUpdate() function and R_SCE_AES128CBC_DecryptFinal() function.

Parameters
[in,out]handleAES handler (work area)
[in]wrapped_key128-bit AES wrapped key
[in]initial_vectorinitialization vector area (16byte)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_DecryptUpdate()

fsp_err_t R_SCE_AES128CBC_DecryptUpdate ( sce_aes_handle_t handle,
uint8_t *  cipher,
uint8_t *  plain,
uint32_t  cipher_length 
)

The R_SCE_AES128CBC_DecryptUpdate() function decrypts the second argument, cipher, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the decryption result to the third argument, plain. After plaintext input is completed, call R_SCE_AES128CBC_DecryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES handler (work area)
[in]cipherciphertext data area
[in,out]plainplaintext data area
[in,out]cipher_lengthciphertext data length (must be a multiple of 16)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CBC_DecryptFinal()

fsp_err_t R_SCE_AES128CBC_DecryptFinal ( sce_aes_handle_t handle,
uint8_t *  plain,
uint32_t *  plain_length 
)

Using the handle specified in the first argument, handle, the R_SCE_AES128CBC_DecryptFinal() function writes the calculation result to the second argument, plain, and writes the length of the calculation result to the third argument, plain_length. The original intent was for a portion of the decryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to plain, and 0 is always written to plain_length. The arguments plain and plain_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters
[in,out]handleAES handler (work area)
[in,out]plainplaintext data area (nothing ever written here)
[in,out]plain_lengthplaintext data length (0 always written here)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_EncryptInit()

fsp_err_t R_SCE_AES256CBC_EncryptInit ( sce_aes_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  initial_vector 
)

The R_SCE_AES256CBC_EncryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256CBC_EncryptUpdate() function and R_SCE_AES256CBC_EncryptFinal() function.

Parameters
[in,out]handleAES handler (work area)
[in]wrapped_key256-bit AES wrapped key
[in]initial_vectorinitial vector area (16byte)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_EncryptUpdate()

fsp_err_t R_SCE_AES256CBC_EncryptUpdate ( sce_aes_handle_t handle,
uint8_t *  plain,
uint8_t *  cipher,
uint32_t  plain_length 
)

The R_SCE_AES256CBC_EncryptUpdate() function encrypts the second argument, plain, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the encryption result to the third argument, cipher. After plaintext input is completed, call R_SCE_AES256CBC_EncryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES handler (work area)
[in]plainplaintext data area
[in,out]cipherciphertext data area
[in,out]plain_lengthplaintext data length (must be a multiple of 16)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_EncryptFinal()

fsp_err_t R_SCE_AES256CBC_EncryptFinal ( sce_aes_handle_t handle,
uint8_t *  cipher,
uint32_t *  cipher_length 
)

Using the handle specified in the first argument, handle, the R_SCE_AES256CBC_EncryptFinal() function writes the calculation result to the second argument, cipher, and writes the length of the calculation result to the third argument, cipher_length. The original intent was for a portion of the encryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to cipher, and 0 is always written to cipher_length. The arguments cipher and cipher_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters
[in,out]handleAES handler (work area)
[in,out]cipherciphertext data area (nothing ever written here)
[in,out]cipher_lengthciphertext data length (0 always written here)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_DecryptInit()

fsp_err_t R_SCE_AES256CBC_DecryptInit ( sce_aes_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  initial_vector 
)

The R_SCE_AES256CBC_DecryptInit() function performs preparations for the execution of an AES calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256CBC_DecryptUpdate() function and R_SCE_AES256CBC_DecryptFinal() function.

Parameters
[in,out]handleAES handler (work area)
[in]wrapped_key256-bit AES wrapped key
[in]initial_vectorinitialization vector area (16byte)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInput illegal wrapped key.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_DecryptUpdate()

fsp_err_t R_SCE_AES256CBC_DecryptUpdate ( sce_aes_handle_t handle,
uint8_t *  cipher,
uint8_t *  plain,
uint32_t  cipher_length 
)

The R_SCE_AES256CBC_DecryptUpdate() function decrypts the second argument, cipher, utilizing the key index stored in the handle specified in the first argument, handle, and writes the ongoing status to this first argument. In addition, it writes the decryption result to the third argument, plain. After plaintext input is completed, call R_SCE_AES256CBC_DecryptFinal().

Specify areas for plain and cipher that do not overlap. For plain and cipher, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES handler (work area)
[in]cipherciphertext data area
[in,out]plainplaintext data area
[in,out]cipher_lengthciphertext data length (must be a multiple of 16)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CBC_DecryptFinal()

fsp_err_t R_SCE_AES256CBC_DecryptFinal ( sce_aes_handle_t handle,
uint8_t *  plain,
uint32_t *  plain_length 
)

Using the handle specified in the first argument, handle, the R_SCE_AES256CBC_DecryptFinal() function writes the calculation result to the second argument, plain, and writes the length of the calculation result to the third argument, plain_length. The original intent was for a portion of the decryption result that was not a multiple of 16 bytes to be written to the second argument. However, as a result of the restriction that only multiples of 16 can be input to the Update function, nothing is ever written to plain, and 0 is always written to plain_length. The arguments plain and plain_length are provided for compatibility in anticipation of the time when this restriction is lifted.

Parameters
[in,out]handleAES handler (work area)
[in,out]plainplaintext data area (nothing ever written here)
[in,out]plain_lengthplaintext data length (0 always written here)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_EncryptInit()

fsp_err_t R_SCE_AES128GCM_EncryptInit ( sce_gcm_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  initial_vector,
uint32_t  initial_vector_length 
)

The R_SCE_AES128GCM_EncryptInit() function performs preparations for the execution of an GCM calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128GCM_EncryptUpdate() function and R_SCE_AES128GCM_EncryptFinal() function.

Parameters
[in,out]handleAES-GCM handler (work area)
[in]wrapped_key128-bit AES wrapped key
[in]initial_vectorinitialization vector area (initial_vector_length byte)
[in]initial_vector_lengthinitialization vector length (1 ore more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_EncryptUpdate()

fsp_err_t R_SCE_AES128GCM_EncryptUpdate ( sce_gcm_handle_t handle,
uint8_t *  plain,
uint8_t *  cipher,
uint32_t  plain_data_length,
uint8_t *  aad,
uint32_t  aad_length 
)

The R_SCE_AES128GCM_EncryptUpdate() function encrypts the plaintext specified in the second argument, plain, in GCM mode using the values specified for wrapped_key and initial_vector in R_SCE_AES128GCM_EncryptInit(), along with the additional authentication data specified in the fifth argument, aad. Inside this function, the data that is input by the user is buffered until the input values of aad and plain exceed 16 bytes. After the input data from plain reaches 16 bytes or more, the encryption result is output to the ciphertext data area specified in the third argument, cipher. The lengths of the plain and aad data to input are respectively specified in the fourth argument, plain_data_length, and the sixth argument, aad_length. For these, specify not the total byte count for the aad and plain input data, but rather the data length to input when the user calls this function. If the input values plain and aad are not divisible by 16 bytes, they will be padded inside the function. First process the data that is input from aad, and then process the data that is input from plain. If aad data is input after starting to input plain data, an error will occur. If aad data and plain data are input to this function at the same time, the aad data will be processed, and then the function will transition to the plain data input state.

Specify areas for plain and cipher that do not overlap. For plain, cipher, initial_vector, and aad, specify RAM addresses that are multiples of 4

Parameters
[in,out]handleAES-GCM handler (work area)
[in]plainplaintext data area
[in,out]cipherciphertext data area
[in]plain_data_lengthplaintext data length (0 or more bytes)
[in]aadadditional authentication data (aad_length byte)
[in]aad_lengthadditional authentication data length (0 or more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAfter the data from plain was input, an invalid handle was input from aad.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_EncryptFinal()

fsp_err_t R_SCE_AES128GCM_EncryptFinal ( sce_gcm_handle_t handle,
uint8_t *  cipher,
uint32_t *  cipher_data_length,
uint8_t *  atag 
)

If there is 16-byte fractional data indicated by the total data length of the value of plain that was input by R_SCE_AES128GCM_EncryptUpdate (), the R_SCE_AES128GCM_EncryptFinal() function will output the result of encrypting that fractional data to the ciphertext data area specified in the second argument, cipher. Here, the portion that does not reach 16 bytes will be padded with zeros. The authentication tag is output to the fourth argument, atag. For cipher and atag, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES-GCM handler (work area)
[in,out]cipherciphertext data area (cipher_data_length byte)
[in,out]cipher_data_lengthciphertext data length (0 always written here)
[in,out]atagauthentication tag area
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_DecryptInit()

fsp_err_t R_SCE_AES128GCM_DecryptInit ( sce_gcm_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  initial_vector,
uint32_t  initial_vector_length 
)

The R_SCE_AES128GCM_DecryptInit() function performs preparations for the execution of an GCM calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128GCM_DecryptUpdate() function and R_SCE_AES128GCM_DecryptFinal() function.

Parameters
[in,out]handleAES-GCM handler (work area)
[in]wrapped_key128-bit AES wrapped key
[in]initial_vectorinitialization vector area (initial_vector_length byte)
[in]initial_vector_lengthinitialization vector length (1 ore more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_DecryptUpdate()

fsp_err_t R_SCE_AES128GCM_DecryptUpdate ( sce_gcm_handle_t handle,
uint8_t *  cipher,
uint8_t *  plain,
uint32_t  cipher_data_length,
uint8_t *  aad,
uint32_t  aad_length 
)

The R_SCE_AES128GCM_DecryptUpdate() function decrypts the ciphertext specified in the second argument, cipher, in GCM mode using the values specified for wrapped_key and initial_vector in R_SCE_AES128GCM_DecryptInit(), along with the additional authentication data specified in the fifth argument, aad. Inside this function, the data that is input by the user is buffered until the input values of aad and plain exceed 16 bytes. After the input data from cipher reaches 16 bytes or more, the decryption result is output to the plaintext data area specified in the third argument, plain. The lengths of the cipher and aad data to input are respectively specified in the fourth argument, cipher_data_length, and the sixth argument, aad_length. For these, specify not the total byte count for the aad and cipher input data, but rather the data length to input when the user calls this function. If the input values cipher and aad are not divisible by 16 bytes, they will be padded inside the function. First process the data that is input from aad, and then process the data that is input from cipher. If aad data is input after starting to input cipher data, an error will occur. If aad data and cipher data are input to this function at the same time, the aad data will be processed, and then the function will transition to the cipher data input state. Specify areas for plain and cipher that do not overlap. For plain, cipher, stage, initial_vector, and aad, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES-GCM handler (work area)
[in,out]cipherciphertext data area
[in]plainplaintext data area
[in]cipher_data_lengthciphertext data length (0 or more bytes)
[in]aadadditional authentication data (aad_length byte)
[in]aad_lengthadditional authentication data length (0 or more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAfter the data from plain was input, an invalid handle was input from aad.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128GCM_DecryptFinal()

fsp_err_t R_SCE_AES128GCM_DecryptFinal ( sce_gcm_handle_t handle,
uint8_t *  plain,
uint32_t *  plain_data_length,
uint8_t *  atag,
uint32_t  atag_length 
)

The R_SCE_AES128GCM_DecryptFinal() function decrypts, in GCM mode, the fractional ciphertext specified by R_SCE_AES128GCM_DecryptUpdate() that does not reach 16 bytes, and ends GCM decryption. The encryption data and authentication tag are respectively output to the plaintext data area specified in the second argument, plain, and the authentication tag area specified in the fourth argument, atag. The decoded data length is output to the third argument, plain_data_length. If authentication fails, the return value will be TSIP_ERR_AUTHENTICATION. For the fourth argument, atag, input 16 bytes or less. If it is less than 16 bytes, it will be padded with zeros inside the function. For plain and atag, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES-GCM handler (work area)
[in,out]plainplaintext data area (cipher_data_length byte)
[in,out]plain_data_lengthplaintext data length (0 always written here)
[in,out]atagauthentication tag area (atag_length byte)
[in]atag_lengthauthentication tag length (4,8,12,13,14,15,16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONAuthentication failed
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_EncryptInit()

fsp_err_t R_SCE_AES256GCM_EncryptInit ( sce_gcm_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  initial_vector,
uint32_t  initial_vector_length 
)

The R_SCE_AES256GCM_EncryptInit() function performs preparations for the execution of an GCM calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256GCM_EncryptUpdate() function and R_SCE_AES256GCM_EncryptFinal() function.

Parameters
[in,out]handleAES-GCM handler (work area)
[in]wrapped_key256-bit AES wrapped key
[in]initial_vectorinitialization vector area (initial_vector_length byte)
[in]initial_vector_lengthinitialization vector length (1 ore more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_EncryptUpdate()

fsp_err_t R_SCE_AES256GCM_EncryptUpdate ( sce_gcm_handle_t handle,
uint8_t *  plain,
uint8_t *  cipher,
uint32_t  plain_data_length,
uint8_t *  aad,
uint32_t  aad_length 
)

The R_SCE_AES256GCM_EncryptUpdate() function encrypts the plaintext specified in the second argument, plain, in GCM mode using the values specified for wrapped_key and initial_vector in R_SCE_AES256GCM_EncryptInit(), along with the additional authentication data specified in the fifth argument, aad. Inside this function, the data that is input by the user is buffered until the input values of aad and plain exceed 16 bytes. After the input data from plain reaches 16 bytes or more, the encryption result is output to the ciphertext data area specified in the third argument, cipher. The lengths of the plain and aad data to input are respectively specified in the fourth argument, plain_data_length, and the sixth argument, aad_length. For these, specify not the total byte count for the aad and plain input data, but rather the data length to input when the user calls this function. If the input values plain and aad are not divisible by 16 bytes, they will be padded inside the function. First process the data that is input from aad, and then process the data that is input from plain. If aad data is input after starting to input plain data, an error will occur. If aad data and plain data are input to this function at the same time, the aad data will be processed, and then the function will transition to the plain data input state.

Specify areas for plain and cipher that do not overlap. For plain, cipher, initial_vector, and aad, specify RAM addresses that are multiples of 4

Parameters
[in,out]handleAES-GCM handler (work area)
[in]plainplaintext data area
[in,out]cipherciphertext data area
[in]plain_data_lengthplaintext data length (0 or more bytes)
[in]aadadditional authentication data (aad_length byte)
[in]aad_lengthadditional authentication data length (0 or more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAfter the data from plain was input, an invalid handle was input from aad.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_EncryptFinal()

fsp_err_t R_SCE_AES256GCM_EncryptFinal ( sce_gcm_handle_t handle,
uint8_t *  cipher,
uint32_t *  cipher_data_length,
uint8_t *  atag 
)

If there is 16-byte fractional data indicated by the total data length of the value of plain that was input by R_SCE_AES256GCM_EncryptUpdate (), the R_SCE_AES256GCM_EncryptFinal() function will output the result of encrypting that fractional data to the ciphertext data area specified in the second argument, cipher. Here, the portion that does not reach 16 bytes will be padded with zeros. The authentication tag is output to the fourth argument, atag. For cipher and atag, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES-GCM handler (work area)
[in,out]cipherciphertext data area (cipher_data_length byte)
[in,out]cipher_data_lengthciphertext data length (0 always written here)
[in,out]atagauthentication tag area
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_DecryptInit()

fsp_err_t R_SCE_AES256GCM_DecryptInit ( sce_gcm_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  initial_vector,
uint32_t  initial_vector_length 
)

The R_SCE_AES256GCM_DecryptInit() function performs preparations for the execution of an GCM calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256GCM_DecryptUpdate() function and R_SCE_AES256GCM_DecryptFinal() function.

Parameters
[in,out]handleAES-GCM handler (work area)
[in]wrapped_key256-bit AES wrapped key
[in]initial_vectorinitialization vector area (initial_vector_length byte)
[in]initial_vector_lengthinitialization vector length (1 ore more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_DecryptUpdate()

fsp_err_t R_SCE_AES256GCM_DecryptUpdate ( sce_gcm_handle_t handle,
uint8_t *  cipher,
uint8_t *  plain,
uint32_t  cipher_data_length,
uint8_t *  aad,
uint32_t  aad_length 
)

The R_SCE_AES256GCM_DecryptUpdate() function decrypts the ciphertext specified in the second argument, cipher, in GCM mode using the values specified for wrapped_key and initial_vector in R_SCE_AES256GCM_DecryptInit(), along with the additional authentication data specified in the fifth argument, aad. Inside this function, the data that is input by the user is buffered until the input values of aad and plain exceed 16 bytes. After the input data from cipher reaches 16 bytes or more, the decryption result is output to the plaintext data area specified in the third argument, plain. The lengths of the cipher and aad data to input are respectively specified in the fourth argument, cipher_data_length, and the sixth argument, aad_length. For these, specify not the total byte count for the aad and cipher input data, but rather the data length to input when the user calls this function. If the input values cipher and aad are not divisible by 16 bytes, they will be padded inside the function. First process the data that is input from aad, and then process the data that is input from cipher. If aad data is input after starting to input cipher data, an error will occur. If aad data and cipher data are input to this function at the same time, the aad data will be processed, and then the function will transition to the cipher data input state. Specify areas for plain and cipher that do not overlap. For plain, cipher, stage, initial_vector, and aad, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES-GCM handler (work area)
[in,out]cipherciphertext data area
[in]plainplaintext data area
[in]cipher_data_lengthciphertext data length (0 or more bytes)
[in]aadadditional authentication data (aad_length byte)
[in]aad_lengthadditional authentication data length (0 or more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAfter the data from plain was input, an invalid handle was input from aad.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256GCM_DecryptFinal()

fsp_err_t R_SCE_AES256GCM_DecryptFinal ( sce_gcm_handle_t handle,
uint8_t *  plain,
uint32_t *  plain_data_length,
uint8_t *  atag,
uint32_t  atag_length 
)

The R_SCE_AES256GCM_DecryptFinal() function decrypts, in GCM mode, the fractional ciphertext specified by R_SCE_AES256GCM_DecryptUpdate() that does not reach 16 bytes, and ends GCM decryption. The encryption data and authentication tag are respectively output to the plaintext data area specified in the second argument, plain, and the authentication tag area specified in the fourth argument, atag. The decoded data length is output to the third argument, plain_data_length. If authentication fails, the return value will be TSIP_ERR_AUTHENTICATION. For the fourth argument, atag, input 16 bytes or less. If it is less than 16 bytes, it will be padded with zeros inside the function. For plain and atag, specify RAM addresses that are multiples of 4.

Parameters
[in,out]handleAES-GCM handler (work area)
[in,out]plainplaintext data area (cipher_data_length byte)
[in,out]plain_data_lengthplaintext data length (0 always written here)
[in,out]atagauthentication tag area (atag_length byte)
[in]atag_lengthauthentication tag length (4,8,12,13,14,15,16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONAuthentication failed
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_EncryptInit()

fsp_err_t R_SCE_AES128CCM_EncryptInit ( sce_ccm_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  nonce,
uint32_t  nonce_length,
uint8_t *  adata,
uint8_t  a_length,
uint32_t  payload_length,
uint32_t  mac_length 
)

The R_SCE_AES128CCM_EncryptInit() function prepares to perform CCM computation and writes the result to the first argument, handle. The succeeding functions R_SCE_AES128CCM_EncryptUpdate() and R_SCE_AES128CCM_EncryptFinal() use handle as an argument.

Parameters
[in,out]handleAES-CCM handler (work area)
[in]wrapped_key128-bit AES wrapped key
[in]nonceNonce
[in]nonce_lengthNonce data length (7 to 13 bytes)
[in]adataadditional authentication data
[in]a_lengthadditional authentication data length (0 to 110 bytes)
[in]payload_lengthPayload length (any number of bytes)
[in]mac_lengthMAC length (4, 6, 8, 10, 12, 14, or 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_EncryptUpdate()

fsp_err_t R_SCE_AES128CCM_EncryptUpdate ( sce_ccm_handle_t handle,
uint8_t *  plain,
uint8_t *  cipher,
uint32_t  plain_length 
)

The R_SCE_AES128CCM_EncryptUpdate() function encrypts the plaintext specified in the second argument, plain, in CCM mode using the values specified by wrapped_key, nonce, and adata in R_SCE_AES128CCM_EncryptInit(). This function buffers internally the data input by the user until the input value of plain exceeds 16 bytes. Once the amount of plain input data is 16 bytes or greater, the encrypted result is output to cipher, which is specified in the third argument. Use payload_length in R_SCE_AES128CCM_EncryptInit() to specify the total data length of plain that will be input. Use plain_length in this function to specify the data length to be input when the user calls this function. If the input value of plain is less than 16 bytes, the function performs padding internally.

Ensure that the areas allocated to plain and cipher do not overlap. Also, specify RAM addresses that are multiples of 4 for plain and cipher.

Parameters
[in,out]handleAES-CCM handler (work area)
[in]plainplaintext data area
[in,out]cipherciphertext data area
[in]plain_lengthplaintext data length
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_EncryptFinal()

fsp_err_t R_SCE_AES128CCM_EncryptFinal ( sce_ccm_handle_t handle,
uint8_t *  cipher,
uint32_t *  cipher_length,
uint8_t *  mac,
uint32_t  mac_length 
)

If the data length of plain input in R_SCE_AES128CCM_EncryptUpdate() results in leftover data after 16 bytes, the R_SCE_AES128CCM_EncryptFinal() function outputs the leftover encrypted data to cipher, which is specified in the second argument. The MAC value is output to the fourth argument, mac. Set the fifth argument, mac_length to the same value as that specified for the argument mac_length in Aes128CcmEncryptInit(). Also, specify RAM addresses that are multiples of 4 for cipher and mac.

Parameters
[in,out]handleAES-CCM handler (work area)
[in,out]cipherciphertext data area
[in,out]cipher_lengthciphertext data length
[in,out]macMAC area
[in]mac_lengthMAC length (4, 6, 8, 10, 12, 14, or 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_DecryptInit()

fsp_err_t R_SCE_AES128CCM_DecryptInit ( sce_ccm_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  nonce,
uint32_t  nonce_length,
uint8_t *  adata,
uint8_t  a_length,
uint32_t  payload_length,
uint32_t  mac_length 
)

The R_SCE_AES128CCM_DecryptInit() function prepares to perform CCM computation and writes the result to the first argument, handle. The succeeding functions R_SCE_AES128CCM_DecryptUpdate() and R_SCE_AES128CCM_DecryptFinal() use handle as an argument.

Parameters
[in,out]handleAES-CCM handler (work area)
[in]wrapped_key128-bit AES wrapped key
[in]nonceNonce
[in]nonce_lengthNonce data length (7 to 13 bytes)
[in]adataadditional authentication data
[in]a_lengthadditional authentication data length (0 to 110 bytes)
[in]payload_lengthPayload length (any number of bytes)
[in]mac_lengthMAC length (4, 6, 8, 10, 12, 14, or 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_DecryptUpdate()

fsp_err_t R_SCE_AES128CCM_DecryptUpdate ( sce_ccm_handle_t handle,
uint8_t *  cipher,
uint8_t *  plain,
uint32_t  cipher_length 
)

The R_SCE_AES128CCM_DecryptUpdate() function decrypts the ciphertext specified by the second argument, cipher, in CCM mode using the values specified by wrapped_key, nonce, and adata in in R_SCE_AES128CCM_DecryptInit(). This function buffers internally the data input by the user until the input value of cipher exceeds 16 bytes. Once the amount of cipher input data is 16 bytes or greater, the decrypted result is output to plain, which is specified in the third argument. Use payload_length in R_SCE_AES128CCM_DecryptInit() to specify the total data length of cipher that will be input. Use cipher_length in this function to specify the data length to be input when the user calls this function. If the input value of cipher is less than 16 bytes, the function performs padding internally.

Ensure that the areas allocated to cipher and plain do not overlap. Also, specify RAM addresses that are multiples of 4 for cipher and plain.

Parameters
[in,out]handleAES-CCM handler (work area)
[in]cipherciphertext data area
[in,out]plainplaintext data area
[in]cipher_lengthciphertext data length
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CCM_DecryptFinal()

fsp_err_t R_SCE_AES128CCM_DecryptFinal ( sce_ccm_handle_t handle,
uint8_t *  plain,
uint32_t *  plain_length,
uint8_t *  mac,
uint32_t  mac_length 
)

If the data length of cipher input in R_SCE_AES128GCM_DecryptUpdate() results in leftover data after 16 bytes, the R_SCE_AES128GCM_DecryptFinal() function outputs the leftover decrypted data to cipher, which is specified in the second argument. In addition, the function verifies the fourth argument, mac. Set the fifth argument, mac_length, to the same value as that specified for the argument mac_length in Aes128CcmDecryptInit().

Parameters
[in,out]handleAES-CCM handler (work area)
[in,out]plainplaintext data area
[in,out]plain_lengthplaintext data length
[in]macMAC area
[in]mac_lengthMAC length (4, 6, 8, 10, 12, 14, or 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILInternal error, or authentication failed.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_EncryptInit()

fsp_err_t R_SCE_AES256CCM_EncryptInit ( sce_ccm_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  nonce,
uint32_t  nonce_length,
uint8_t *  adata,
uint8_t  a_length,
uint32_t  payload_length,
uint32_t  mac_length 
)

The R_SCE_AES256CCM_EncryptInit() function prepares to perform CCM computation and writes the result to the first argument, handle. The succeeding functions R_SCE_AES256CCM_EncryptUpdate() and R_SCE_AES256CCM_EncryptFinal() use handle as an argument.

Parameters
[in,out]handleAES-CCM handler (work area)
[in]wrapped_key256-bit AES wrapped key
[in]nonceNonce
[in]nonce_lengthNonce data length (7 to 13 bytes)
[in]adataadditional authentication data
[in]a_lengthadditional authentication data length (0 to 110 bytes)
[in]payload_lengthPayload length (any number of bytes)
[in]mac_lengthMAC length (4, 6, 8, 10, 12, 14, or 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_EncryptUpdate()

fsp_err_t R_SCE_AES256CCM_EncryptUpdate ( sce_ccm_handle_t handle,
uint8_t *  plain,
uint8_t *  cipher,
uint32_t  plain_length 
)

The R_SCE_AES256CCM_EncryptUpdate() function encrypts the plaintext specified in the second argument, plain, in CCM mode using the values specified by wrapped_key, nonce, and adata in R_SCE_AES256CCM_EncryptInit(). This function buffers internally the data input by the user until the input value of plain exceeds 16 bytes. Once the amount of plain input data is 16 bytes or greater, the encrypted result is output to cipher, which is specified in the third argument. Use payload_length in R_SCE_AES256CCM_EncryptInit() to specify the total data length of plain that will be input. Use plain_length in this function to specify the data length to be input when the user calls this function. If the input value of plain is less than 16 bytes, the function performs padding internally.

Ensure that the areas allocated to plain and cipher do not overlap. Also, specify RAM addresses that are multiples of 4 for plain and cipher.

Parameters
[in,out]handleAES-CCM handler (work area)
[in]plainplaintext data area
[in,out]cipherciphertext data area
[in]plain_lengthplaintext data length
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_EncryptFinal()

fsp_err_t R_SCE_AES256CCM_EncryptFinal ( sce_ccm_handle_t handle,
uint8_t *  cipher,
uint32_t *  cipher_length,
uint8_t *  mac,
uint32_t  mac_length 
)

If the data length of plain input in R_SCE_AES256CCM_EncryptUpdate() results in leftover data after 16 bytes, the R_SCE_AES256CCM_EncryptFinal() function outputs the leftover encrypted data to cipher, which is specified in the second argument. The MAC value is output to the fourth argument, mac. Set the fifth argument, mac_length to the same value as that specified for the argument mac_length in Aes256CcmEncryptInit(). Also, specify RAM addresses that are multiples of 4 for cipher and mac.

Parameters
[in,out]handleAES-CCM handler (work area)
[in,out]cipherciphertext data area
[in,out]cipher_lengthciphertext data length
[in,out]macMAC area
[in]mac_lengthMAC length (4, 6, 8, 10, 12, 14, or 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_DecryptInit()

fsp_err_t R_SCE_AES256CCM_DecryptInit ( sce_ccm_handle_t handle,
sce_aes_wrapped_key_t wrapped_key,
uint8_t *  nonce,
uint32_t  nonce_length,
uint8_t *  adata,
uint8_t  a_length,
uint32_t  payload_length,
uint32_t  mac_length 
)

The R_SCE_AES256CCM_DecryptInit() function prepares to perform CCM computation and writes the result to the first argument, handle. The succeeding functions R_SCE_AES256CCM_DecryptUpdate() and R_SCE_AES256CCM_DecryptFinal() use handle as an argument.

Parameters
[in,out]handleAES-CCM handler (work area)
[in]wrapped_key256-bit AES wrapped key
[in]nonceNonce
[in]nonce_lengthNonce data length (7 to 13 bytes)
[in]adataadditional authentication data
[in]a_lengthadditional authentication data length (0 to 110 bytes)
[in]payload_lengthPayload length (any number of bytes)
[in]mac_lengthMAC length (4, 6, 8, 10, 12, 14, or 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_DecryptUpdate()

fsp_err_t R_SCE_AES256CCM_DecryptUpdate ( sce_ccm_handle_t handle,
uint8_t *  cipher,
uint8_t *  plain,
uint32_t  cipher_length 
)

The R_SCE_AES256CCM_DecryptUpdate() function decrypts the ciphertext specified by the second argument, cipher, in CCM mode using the values specified by wrapped_key, nonce, and adata in in R_SCE_AES256CCM_DecryptInit(). This function buffers internally the data input by the user until the input value of cipher exceeds 16 bytes. Once the amount of cipher input data is 16 bytes or greater, the decrypted result is output to plain, which is specified in the third argument. Use payload_length in R_SCE_AES256CCM_DecryptInit() to specify the total data length of cipher that will be input. Use cipher_length in this function to specify the data length to be input when the user calls this function. If the input value of cipher is less than 16 bytes, the function performs padding internally.

Ensure that the areas allocated to cipher and plain do not overlap. Also, specify RAM addresses that are multiples of 4 for cipher and plain.

Parameters
[in,out]handleAES-CCM handler (work area)
[in]cipherciphertext data area
[in,out]plainplaintext data area
[in]cipher_lengthciphertext data length
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CCM_DecryptFinal()

fsp_err_t R_SCE_AES256CCM_DecryptFinal ( sce_ccm_handle_t handle,
uint8_t *  plain,
uint32_t *  plain_length,
uint8_t *  mac,
uint32_t  mac_length 
)

If the data length of cipher input in R_SCE_AES256GCM_DecryptUpdate() results in leftover data after 16 bytes, the R_SCE_AES256GCM_DecryptFinal() function outputs the leftover decrypted data to cipher, which is specified in the second argument. In addition, the function verifies the fourth argument, mac. Set the fifth argument, mac_length, to the same value as that specified for the argument mac_length in Aes256CcmDecryptInit().

Parameters
[in,out]handleAES-CCM handler (work area)
[in,out]plainplaintext data area
[in,out]plain_lengthplaintext data length
[in]macMAC area
[in]mac_lengthMAC length (4, 6, 8, 10, 12, 14, or 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_PARAMETERInput data is illegal.
FSP_ERR_CRYPTO_SCE_FAILInternal error, or authentication failed.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_GenerateInit()

fsp_err_t R_SCE_AES128CMAC_GenerateInit ( sce_cmac_handle_t handle,
sce_aes_wrapped_key_t wrapped_key 
)

The R_SCE_AES128CMAC_GenerateInit() function performs preparations for the execution of an CMAC calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES128CMAC_GenerateUpdate() function and R_SCE_AES128CMAC_GenerateFinal() function.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in]wrapped_key128-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_GenerateUpdate()

fsp_err_t R_SCE_AES128CMAC_GenerateUpdate ( sce_cmac_handle_t handle,
uint8_t *  message,
uint32_t  message_length 
)

The R_SCE_AES128CMAC_GenerateUpdate() function performs MAC value generation based on the message specified in the second argument, message, using the value specified for wrapped_key in R_SCE_AES128CMAC_GenerateInit(). Inside this function, the data that is input by the user is buffered until the input value of message exceeds 16 bytes. The length of the message data to input is specified in the third argument, message_len. For these, input not the total byte count for message input data, but rather the message data length to input when the user calls this function. If the input value, message, is not a multiple of 16 bytes, it will be padded within the function. For message, specify a RAM address that are multiples of 4.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in]messagemessage data area (message_length byte)
[in]message_lengthmessage data length (0 or more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_GenerateFinal()

fsp_err_t R_SCE_AES128CMAC_GenerateFinal ( sce_cmac_handle_t handle,
uint8_t *  mac 
)

The R_SCE_AES128CMAC_GenerateFinal() function outputs the MAC value to the MAC data area specified in the second argument, mac, and ends CMAC mode.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in,out]macMAC data area (16byte)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONNot used.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_VerifyInit()

fsp_err_t R_SCE_AES128CMAC_VerifyInit ( sce_cmac_handle_t handle,
sce_aes_wrapped_key_t wrapped_key 
)

The R_SCE_AES128CMAC_VerifyInit() function performs preparations for the execution of a CMAC calculation, and writes the result to the first argument, handle. The value of handle is used as an argumentin the subsequent R_SCE_AES128CMAC_VerifyUpdate() function and R_SCE_AES128CMAC_VerifyFinal() function.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in]wrapped_key128-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_VerifyUpdate()

fsp_err_t R_SCE_AES128CMAC_VerifyUpdate ( sce_cmac_handle_t handle,
uint8_t *  message,
uint32_t  message_length 
)

The R_SCE_AES128CMAC_VerifyUpdate() function performs MAC value generation based on the message specified in the second argument, message, using the value specified for wrapped_key in R_SCE_AES128CMAC_VerifyInit(). Inside this function, the data that is input by the user is buffered until the input value of message exceeds 16 bytes. The length of the message data to input is specified in the third argument, message_len. For these, input not the total byte count for message input data, but rather the message data length to input when the user calls this function. If the input value, message, is not a multiple of 16 bytes, it will be padded within the function. For message, specify a RAM address that are multiples of 4.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in]messagemessage data area (message_length byte)
[in]message_lengthmessage data length (0 or more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES128CMAC_VerifyFinal()

fsp_err_t R_SCE_AES128CMAC_VerifyFinal ( sce_cmac_handle_t handle,
uint8_t *  mac,
uint32_t  mac_length 
)

The R_SCE_AES128CMAC_VerifyFinal() function inputs the MAC value in the MAC data area specified in the second argument, mac, and verifies the MAC value. If authentication fails, the return value will be TSIP_ERR_AUTHENTICATION. If the MAC value is less than 16 bytes, it will be padded with zeros inside the function.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in,out]macMAC data area (mac_length byte)
[in,out]mac_lengthMAC data length (2 to 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONAuthentication failed
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_GenerateInit()

fsp_err_t R_SCE_AES256CMAC_GenerateInit ( sce_cmac_handle_t handle,
sce_aes_wrapped_key_t wrapped_key 
)

The R_SCE_AES256CMAC_GenerateInit() function performs preparations for the execution of an CMAC calculation, and writes the result to the first argument, handle. The value of handle is used as an argument in the subsequent R_SCE_AES256CMAC_GenerateUpdate() function and R_SCE_AES256CMAC_GenerateFinal() function.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in]wrapped_key256-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_GenerateUpdate()

fsp_err_t R_SCE_AES256CMAC_GenerateUpdate ( sce_cmac_handle_t handle,
uint8_t *  message,
uint32_t  message_length 
)

The R_SCE_AES256CMAC_GenerateUpdate() function performs MAC value generation based on the message specified in the second argument, message, using the value specified for wrapped_key in R_SCE_AES256CMAC_GenerateInit(). Inside this function, the data that is input by the user is buffered until the input value of message exceeds 16 bytes. The length of the message data to input is specified in the third argument, message_len. For these, input not the total byte count for message input data, but rather the message data length to input when the user calls this function. If the input value, message, is not a multiple of 16 bytes, it will be padded within the function. For message, specify a RAM address that are multiples of 4.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in]messagemessage data area (message_length byte)
[in]message_lengthmessage data length (0 or more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_GenerateFinal()

fsp_err_t R_SCE_AES256CMAC_GenerateFinal ( sce_cmac_handle_t handle,
uint8_t *  mac 
)

The R_SCE_AES256CMAC_GenerateFinal() function outputs the MAC value to the MAC data area specified in the second argument, mac, and ends CMAC mode.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in,out]macMAC data area (16byte)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONNot used.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_VerifyInit()

fsp_err_t R_SCE_AES256CMAC_VerifyInit ( sce_cmac_handle_t handle,
sce_aes_wrapped_key_t wrapped_key 
)

The R_SCE_AES256CMAC_VerifyInit() function performs preparations for the execution of a CMAC calculation, and writes the result to the first argument, handle. The value of handle is used as an argumentin the subsequent R_SCE_AES256CMAC_VerifyUpdate() function and R_SCE_AES256CMAC_VerifyFinal() function.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in]wrapped_key256-bit AES wrapped key
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_KEY_SET_FAILInvalid wrapped key was input.
FSP_ERR_CRYPTO_SCE_FAILInternal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_VerifyUpdate()

fsp_err_t R_SCE_AES256CMAC_VerifyUpdate ( sce_cmac_handle_t handle,
uint8_t *  message,
uint32_t  message_length 
)

The R_SCE_AES256CMAC_VerifyUpdate() function performs MAC value generation based on the message specified in the second argument, message, using the value specified for wrapped_key in R_SCE_AES256CMAC_VerifyInit(). Inside this function, the data that is input by the user is buffered until the input value of message exceeds 16 bytes. The length of the message data to input is specified in the third argument, message_len. For these, input not the total byte count for message input data, but rather the message data length to input when the user calls this function. If the input value, message, is not a multiple of 16 bytes, it will be padded within the function. For message, specify a RAM address that are multiples of 4.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in]messagemessage data area (message_length byte)
[in]message_lengthmessage data length (0 or more bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_AES256CMAC_VerifyFinal()

fsp_err_t R_SCE_AES256CMAC_VerifyFinal ( sce_cmac_handle_t handle,
uint8_t *  mac,
uint32_t  mac_length 
)

The R_SCE_AES256CMAC_VerifyFinal() function inputs the MAC value in the MAC data area specified in the second argument, mac, and verifies the MAC value. If authentication fails, the return value will be TSIP_ERR_AUTHENTICATION. If the MAC value is less than 16 bytes, it will be padded with zeros inside the function.

Parameters
[in,out]handleAES-CMAC handler (work area)
[in,out]macMAC data area (mac_length byte)
[in,out]mac_lengthMAC data length (2 to 16 bytes)
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
FSP_ERR_CRYPTO_SCE_AUTHENTICATIONAuthentication failed
FSP_ERR_CRYPTO_SCE_PARAMETERAn invalid handle was input.
FSP_ERR_CRYPTO_SCE_PROHIBIT_FUNCTIONAn invalid function was called.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_RootCertificateVerify()

fsp_err_t R_SCE_TLS_RootCertificateVerify ( uint32_t  public_key_type,
uint8_t *  certificate,
uint32_t  certificate_length,
uint32_t  public_key_n_start_position,
uint32_t  public_key_n_end_position,
uint32_t  public_key_e_start_position,
uint32_t  public_key_e_end_position,
uint8_t *  signature,
uint32_t *  encrypted_root_public_key 
)

Verify root CA certificate.

Parameters
[in]public_key_typekey type
[in]certificatecertificates.
[in]certificate_lengthbyte size of certificates.
[in]public_key_n_start_positionstart position of public key n.
[in]public_key_n_end_positionend position of public key n.
[in]public_key_e_start_positionstart position of public key e.
[in]public_key_e_end_positionend position of public key e.
[in]signaturesignature for certificates.
[out]encrypted_root_public_keypublic key for RSA 2048bit.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_CertificateVerify()

fsp_err_t R_SCE_TLS_CertificateVerify ( uint32_t  public_key_type,
uint32_t *  encrypted_input_public_key,
uint8_t *  certificate,
uint32_t  certificate_length,
uint8_t *  signature,
uint32_t  public_key_n_start_position,
uint32_t  public_key_n_end_position,
uint32_t  public_key_e_start_position,
uint32_t  public_key_e_end_position,
uint32_t *  encrypted_output_public_key 
)

Verify server certificate and intermediate certificate.

Parameters
[in]public_key_typekey type
[in]encrypted_input_public_keypublic key.
[in]certificatecertificates.
[in]certificate_lengthbyte size of certificates.
[in]signaturesignature for certificates.
[in]public_key_n_start_positionstart position of public key n.
[in]public_key_n_end_positionend position of public key n.
[in]public_key_e_start_positionstart position of public key e.
[in]public_key_e_end_positionend position of public key e.
[out]encrypted_output_public_keypublic key for RSA 2048bit.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_PreMasterSecretGenerateForRSA2048()

fsp_err_t R_SCE_TLS_PreMasterSecretGenerateForRSA2048 ( uint32_t *  sce_pre_master_secret)

Generate encrypted pre-master secret.

Parameters
[out]sce_pre_master_secretpre-master secret value for SCE.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_MasterSecretGenerate()

fsp_err_t R_SCE_TLS_MasterSecretGenerate ( uint32_t  select_cipher_suite,
uint32_t *  sce_pre_master_secret,
uint8_t *  client_random,
uint8_t *  server_random,
uint32_t *  sce_master_secret 
)

Generate encrypted master secret.

Parameters
[in]select_cipher_suitecipher suite type
[in]sce_pre_master_secretpre-master secret value for SCE.
[in]client_randomrandom value reported ClientHello.
[in]server_randomrandom value reported ServerHello.
[out]sce_master_secretmaster secret value with SCE-specific conversion.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_PreMasterSecretEncryptWithRSA2048()

fsp_err_t R_SCE_TLS_PreMasterSecretEncryptWithRSA2048 ( uint32_t *  encrypted_public_key,
uint32_t *  sce_pre_master_secret,
uint8_t *  encrypted_pre_master_secret 
)

Output the result encrypted pre-master secret with RSA 2048bit

Parameters
[in]encrypted_public_keypublic key data.
[in]sce_pre_master_secretpre-master secret value.
[out]encrypted_pre_master_secretthe value encrypted pre-master secret.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_SessionKeyGenerate()

fsp_err_t R_SCE_TLS_SessionKeyGenerate ( uint32_t  select_cipher_suite,
uint32_t *  sce_master_secret,
uint8_t *  client_random,
uint8_t *  server_random,
uint8_t *  nonce_explicit,
sce_hmac_sha_wrapped_key_t client_mac_wrapped_key,
sce_hmac_sha_wrapped_key_t server_mac_wrapped_key,
sce_aes_wrapped_key_t client_crypto_wrapped_key,
sce_aes_wrapped_key_t server_crypto_wrapped_key,
uint8_t *  client_initial_vector,
uint8_t *  server_initial_vector 
)

Output various key information.

Parameters
[in]select_cipher_suiteKey suite information number.
[in]sce_master_secretmaster secret value.
[in]client_randomrandom value reported ClientHello.
[in]server_randomrandom value reported ServerHello.
[in]nonce_explicitnonce value
[out]client_mac_wrapped_keythe mac key during communication from client to server.
[out]server_mac_wrapped_keythe mac key during communication from server to client.
[out]client_crypto_wrapped_keythe crypto key during communication from client to server.
[out]server_crypto_wrapped_keythe crypto key during communication from server to client.
[in]client_initial_vectornot use.
[in]server_initial_vectornot use.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_VerifyDataGenerate()

fsp_err_t R_SCE_TLS_VerifyDataGenerate ( uint32_t  select_verify_data,
uint32_t *  sce_master_secret,
uint8_t *  hand_shake_hash,
uint8_t *  verify_data 
)

Generate verify data.

Parameters
[in]select_verify_dataSelect Client/Server data.
[in]sce_master_secretmaster secret data.
[in]hand_shake_hashTLS hand shake message SHA256 HASH value.
[out]verify_dataverify data.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_ServerKeyExchangeVerify()

fsp_err_t R_SCE_TLS_ServerKeyExchangeVerify ( uint32_t  public_key_type,
uint8_t *  client_random,
uint8_t *  server_random,
uint8_t *  server_ephemeral_ecdh_public_key,
uint8_t *  server_key_exchange_signature,
uint32_t *  encrypted_public_key,
uint32_t *  encrypted_ephemeral_ecdh_public_key 
)

Retrives ECDH public key.

Parameters
[in]public_key_typekey type
[in]client_randomrandom value reported ClientHello.
[in]server_randomrandom value reported ServerHello.
[in]server_ephemeral_ecdh_public_keyEphemeral ECDH public key from Server.
[in]server_key_exchange_signatureServer Key Exchange sigunature.
[in]encrypted_public_keyencrypted public key.
[out]encrypted_ephemeral_ecdh_public_keyencrypted Ephemeral ECDH public key.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.

◆ R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1()

fsp_err_t R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1 ( uint32_t *  encrypted_public_key,
sce_tls_p256_ecc_wrapped_key_t *  tls_p256_ecc_wrapped_key,
uint32_t *  sce_pre_master_secret 
)

Generate encrypted pre-master secret.

Parameters
[in]encrypted_public_keyencrypted public key
[in]tls_p256_ecc_wrapped_keyP-256 ECC key index.
[out]sce_pre_master_secretencrypted pre-master secret value for SCE.
Return values
FSP_SUCCESSNormal termination
FSP_ERR_CRYPTO_SCE_RESOURCE_CONFLICTA resource conflict occurred because a hardware resource needed by the processing routine was in use by another processing routine.
FSP_ERR_CRYPTO_SCE_FAILAn internal error occurred.
Note
The pre-run state is SCE Enabled State. After the function runs the state transitions to SCE Enabled State.