Secure Crypto Engine (r_sce_protected_cavp)

Driver for the CAVP Certified Secure Crypto Engine (SCE) on RA MCUs.

Version

v1.0.0

The version that appears on the Components tab of the FSP Configuration editor is v1.0.0+fsp.<fsp_version>. The <fsp_version> metadata reflects tooling support files only and does not indicate any changes to the CAVP certified code. See Module Versioning for more information about component versioning in FSP.

Functions

The user documentation for the functions in this module.

• SCE Protected Mode

Overview

This module provides SCE CAVP Certified functions.

HW Overview

Obtained device certification with RA6M4.

Crypto Peripheral version	Devices
SCE9 (Protected mode)	RA4M2, RA4M3, RA6M4, RA6M5

Features

The SCE module supports for the following features.

• Cryptography
  • Symmetric Encryption/Decryption
    • AES
      • ECB 128/256bit
      • CBC 128/256bit
      • GCM 128/256bit
      • CCM 128/256bit
  • Asymmetric Encryption/Decryption
    • RSA
      • RSAES-PKCS1-V1_5 1024/2048bit
      • RSAES-PKCS1-V1_5 3072/4096bit (Encryption only)
      • RSASSA-PKCS1-V1_5 1024/2048bit
      • RSASSA-PKCS1-V1_5 3072/4096bit (Verification only)
    • ECC
      • ECDSA secp192r1/secp224r1/secp256r1/secp384r1
      • ECDH secp256r1
  • Hash Functions
    • SHA-2
      • SHA-256
• Message Authentication Code
  • HMAC-SHA256bit
  • AES-CMAC 128/256bit
• Key Support
  • AES 128/256bit
  • RSA 1024/2048bit
  • RSA 3072/4096bit (public key only)
  • ECC secp192r1/secp224r1/secp256r1/secp384r1
  • HMAC-SHA256bit
• TRNG
• TLS
  • SSL / TLS support function (TLS1.2 compliant)

Configuration

Clock Configuration

This module does not require a specific clock configuration.

Pin Configuration

This module does not use I/O pins.

Usage Notes

Getting Started: Creating a SCE Protected Mode Project

Start by creating a new project in e² studio or RASC. On the Stacks tab, add New > Security > SCE Protected Mode(CAVP Certified). For information on how to install and update secure keys, refer to the Application Note R11AN0496.

Limitations

Usage of R_SCE_ECDSA_secp384r1_SignatureGenerate/Verify

The SCE does not support SHA-384 in hardware, so the APIs listed below require the user to create a SHA-384 function for signature generation and verification. To use the APIs listed below, enable SCE_USER_SHA_384_ENABLED on RA Smart Configurator and prepare a function called SCE_USER_SHA_384_FUNCTION. The interface of SCE_USER_SHA_384_FUNCTION, which is called by the following APIs, is described below.

• R_SCE_ECDSA_secp384r1_SignatureGenerate()
• R_SCE_ECDSA_secp384r1_SignatureVerify()

SCE_USER_SHA_384_FUNCTION()

uint32_t SCE_USER_SHA_384_FUNCTION(uint8_t * message, uint8_t * digest, uint32_t message_length)

SHA-384 hash calculation is performed for an area extending the number of bytes specified by the argument message_length from the address specified by the argument message. The calculation result should be stored at the address specified by the argument digest.

Parameters

message	[in] Start address of message
digest	[in,out] address for storing hash calculation result (48 bytes)
message_length	[in] Effective byte count of message

Return values

0	Hash value stored successfully.
others	Storing of hash value failed.

Examples

AES Example

This is an example of AES-256 encryption and decryption.

#include <string.h>
#include "r_sce.h"

#define BLOCK    16

void r_sce_example_aes();

sce_instance_ctrl_t sce_ctrl;
sce_cfg_t           sce_cfg =
{
    .lifecycle = SCE_SSD
};

static uint8_t plain[BLOCK * 2] =
{
    0x52, 0x65, 0x6e, 0x65, 0x73, 0x61, 0x73, 0x20, 0x45, 0x6c, 0x65, 0x63, 0x74, 0x72, 0x6f, 0x6e,
    0x69, 0x63, 0x73, 0x20, 0x43, 0x6f, 0x72, 0x70, 0x6f, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x00
};

void r_sce_example_aes ()
{
    sce_aes_handle_t      handle;
    sce_aes_wrapped_key_t wrapped_key;
    uint8_t               cipher_calculated[32] = {0};
    uint8_t               plain_calculated[32]  = {0};
    uint32_t              dummy;

    /* SCE power on */
    R_SCE_Open(&sce_ctrl, &sce_cfg);

    /* Generate a random key */
    R_SCE_AES256_WrappedKeyGenerate(&wrapped_key);

    /* Encrypt a plain text */
    R_SCE_AES256ECB_EncryptInit(&handle, &wrapped_key);
    R_SCE_AES256ECB_EncryptUpdate(&handle, plain, cipher_calculated, BLOCK * 2);
    R_SCE_AES256ECB_EncryptFinal(&handle, cipher_calculated, &dummy);

    /* Decrypt a cipher text using same key as Encryption */
    R_SCE_AES256ECB_DecryptInit(&handle, &wrapped_key);
    R_SCE_AES256ECB_DecryptUpdate(&handle, cipher_calculated, plain_calculated, BLOCK * 2);
    R_SCE_AES256ECB_DecryptFinal(&handle, plain_calculated, &dummy);

    /* SCE power off */
    R_SCE_Close(&sce_ctrl);

    /* Compare plain and plain_calculated */
    if (memcmp(plain, plain_calculated, BLOCK * 2))
    {
        while (1)
        {
            /* plain and plain_calculated are different (incorrect) */
        }
    }
    else
    {
        while (1)
        {
            /* plain and plain_calculated are the same (correct) */
        }
    }
}