Merge pull request #6301 from miyazakh/ra_cryptonly

Add Renesas SCE RSA Crypt Only support
Chris Conlon
2023-05-12 16:32:15 -06:00
committed by GitHub
20 changed files with 1143 additions and 190 deletions


@@ -124,6 +124,7 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
wolfcrypt/src/port/Renesas/renesas_sce_util.c \
wolfcrypt/src/port/Renesas/renesas_sce_aes.c \
wolfcrypt/src/port/Renesas/renesas_sce_sha.c \
wolfcrypt/src/port/Renesas/renesas_sce_rsa.c \
wolfcrypt/src/port/Renesas/renesas_common.c \
wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c \
wolfcrypt/src/port/Renesas/renesas_rx64_hw_util.c \


@@ -21,9 +21,12 @@
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
#if defined(WOLFSSL_RENESAS_SCEPROTECT) \
|| defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) \
|| defined(WOLFSSL_RENESAS_TSIP_TLS)
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
#define cmn_hw_lock wc_sce_hw_lock
#define cmn_hw_unlock wc_sce_hw_unlock
@@ -128,7 +131,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
#elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
#endif
@@ -221,7 +225,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
}
#endif /* HAVE_ECC */
}
#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
#elif defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
@@ -230,13 +235,13 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
if (info->cipher.type == WC_CIPHER_AES_GCM) {
if (info->cipher.enc &&
(cbInfo->session_key_set == 1 ||
(cbInfo->aes256_installedkey_set == 1 &&
(cbInfo->keyflgs_tls.bits.session_key_set == 1 ||
(cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 32) ||
(cbInfo->aes128_installedkey_set == 1 &&
(cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 16))) {
if (cbInfo->aes256_installedkey_set == 1 &&
if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 32) {
XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
@@ -245,7 +250,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aesgcm_enc.aes->ctx.keySize = 32;
}
else if (cbInfo->aes128_installedkey_set == 1 &&
else if (
cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 16) {
XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
@@ -268,13 +274,13 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
(void*)ctx);
}
else if (cbInfo->session_key_set == 1 ||
(cbInfo->aes256_installedkey_set == 1 &&
else if (cbInfo->keyflgs_tls.bits.session_key_set == 1 ||
(cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 32) ||
(cbInfo->aes128_installedkey_set == 1 &&
(cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 16)) {
if (cbInfo->aes256_installedkey_set == 1 &&
if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 32) {
XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
@@ -283,7 +289,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aesgcm_dec.aes->ctx.keySize = 32;
}
else if (cbInfo->aes128_installedkey_set == 1 &&
else if (
cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 16) {
XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
@@ -309,23 +316,25 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
if ((info->cipher.type == WC_CIPHER_AES_CBC) &&
(cbInfo->session_key_set == 1 ||
(cbInfo->aes256_installedkey_set == 1 &&
(cbInfo->keyflgs_tls.bits.session_key_set == 1 ||
(cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 32) ||
(cbInfo->aes128_installedkey_set == 1 &&
(cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 16))) {
if (info->cipher.enc) {
if (cbInfo->aes256_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 32) {
if (
cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 32) {
XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
&cbInfo->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t));
info->cipher.aescbc.aes->ctx.keySize = 32;
}
else if (cbInfo->aes128_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 16) {
else if (
cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
&& info->cipher.aescbc.aes->keylen == 16) {
XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
&cbInfo->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
@@ -339,15 +348,16 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aescbc.sz);
}
else {
if (cbInfo->aes256_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 32) {
if (
cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 32) {
XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
&cbInfo->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t));
info->cipher.aescbc.aes->ctx.keySize = 32;
} else if (cbInfo->aes128_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 16) {
} else if (
cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
&& info->cipher.aescbc.aes->keylen == 16) {
XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
&cbInfo->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
@@ -364,6 +374,71 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES || !NO_DES3 */
}
#if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
else if (info->algo_type == WC_ALGO_TYPE_PK) {
#if !defined(NO_RSA)
#if defined(WOLFSSL_KEY_GEN)
if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN &&
(info->pk.rsakg.size == 1024 ||
info->pk.rsakg.size == 2048)) {
ret = wc_sce_MakeRsaKey(info->pk.rsakg.size, (void*)ctx);
}
#endif
if (info->pk.type == WC_PK_TYPE_RSA) {
/* to perform RSA on SCE, wrapped keys should be installed
* in advance. SCE supports 1024 or 2048 bits key size.
* otherwise, falls-through happens.
*/
if (cbInfo->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1
||
cbInfo->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1
||
cbInfo->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1
||
cbInfo->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1
) {
if (info->pk.rsa.type == RSA_PRIVATE_DECRYPT ||
info->pk.rsa.type == RSA_PUBLIC_ENCRYPT )
{
ret = wc_sce_RsaFunction(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
info->pk.rsa.type,
info->pk.rsa.key,
info->pk.rsa.rng,
(void*)ctx);
}
else if (info->pk.rsa.type == RSA_PRIVATE_ENCRYPT /* sign */){
ret = wc_sce_RsaSign(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
info->pk.rsa.key,
(void*)ctx);
}
else if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT /* verify */) {
ret = wc_sce_RsaVerify(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
info->pk.rsa.key,
(void*)ctx);
}
}
else {
WOLFSSL_MSG(
"SCE can handle 1024 or 2048 bit key size. "
"key size is not either 1024 or 2048. "
"Or wrapped key is not installed. "
"RSA operation falls through to SW operation.");
}
}
#endif /* NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
}
#endif /* NO_RSA */
#endif /* TSIP or SCE */
(void)devIdArg;
@@ -385,7 +460,8 @@ int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_usable(ssl, session_key_generated);
#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
#elif defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
ret = wc_sce_usable(ssl, session_key_generated);
#endif
@@ -408,11 +484,19 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
#elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
#endif
if (cbInfo == NULL || ssl == NULL) {
if (cbInfo == NULL
#if !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) && \
!defined(HAVE_RENESAS_SYNC)
|| ssl == NULL) {
#else
) {
#endif
printf("Invalid devId\n");
return INVALID_DEVID;
}
/* need exclusive control because of static variable */
@@ -432,9 +516,11 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
return INVALID_DEVID;
}
#if !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) && \
!defined(HAVE_RENESAS_SYNC)
if (ssl)
wolfSSL_SetDevId(ssl, cbInfo->devId);
#endif
/* sanity check for overflow */
if (gdevId < 0) {
gdevId = 7890;
@@ -456,6 +542,10 @@ void wc_CryptoCb_CleanupRenesasCmn(int* id)
}
#endif /* WOLF_CRYPTO_CB */
#endif /* WOLFSSL_RENESAS_SCEPROTECT || WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
/* WOLFSSL_RENESAS_TSIP_TLS*/
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
/* Renesas Security Library Common Method
* Check CA index if CA can be used for SCE/TSIP because
@@ -591,8 +681,9 @@ WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
* cm_row CA index
* return FSP_SUCCESS(0) on success, otherwise WOLFSSL_FATAL_ERROR
*/
int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len, word32 key_n_start,
word32 key_n_len, word32 key_e_start, word32 key_e_len, word32 cm_row)
int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
word32 key_n_start, word32 key_n_len, word32 key_e_start,
word32 key_e_len, word32 cm_row)
{
int ret;
@@ -661,7 +752,8 @@ WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
/* Renesas Security Library Common Callback
* Callback for setting Encrypt Keys.
* Register callback for setting Encrypt Keys when keys are generated by SCE/TSIP
* Register callback for setting Encrypt Keys when keys are generated
* by SCE/TSIP
*
* ssl the WOLFSSL object
* ctx Callback context
@@ -679,11 +771,14 @@ static int Renesas_cmn_EncryptKeys(WOLFSSL* ssl, void* ctx)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
if (cbInfo->session_key_set == 1) {
#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
#endif
if (cbInfo->session_key_set == 1) {
if (cbInfo->keyflgs_tls.bits.session_key_set == 1) {
#endif
ret = 0;
wolfSSL_CTX_SetTlsFinishedCb(ssl->ctx, Renesas_cmn_TlsFinished);
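Review bot: In the `Renesas_cmn_CryptoDevCb` hunk that adds the `WC_ALGO_TYPE_PK` branch, RSA work is sent to the SCE as soon as any one of the four `rsa*_installedkey_set` flags is set. Nothing compares the size of `info->pk.rsa.key` with the installed wrapped key, or checks that the key kind needed for `info->pk.rsa.type` (private for sign/decrypt, public for encrypt/verify) is the one installed. As written, a request made with a different key on this devId appears to be executed with the installed wrapped key instead of falling through to software, which is not what the comment above the check describes; each call should be gated on its matching flag, for example `rsapri2048_installedkey_set == 1` before `wc_sce_RsaSign` on a 2048-bit request. The same `info->pk.rsa.outLen` is also passed to `wc_sce_RsaFunction` (declared `word32 outLen`) and to `wc_sce_RsaSign`/`wc_sce_RsaVerify` (declared `word32* outLen`), so one of the two receives the wrong type. The function body starts and ends outside this hunk, so the initial value of `ret` on the fall-through path is not visible here.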


@@ -26,7 +26,8 @@
#ifndef NO_AES
#if defined(WOLFSSL_RENESAS_SCEPROTECT) && \
#if (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_SCEPROTECT_AES)
#include <wolfssl/wolfcrypt/wc_port.h>
@@ -151,9 +152,10 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
XMEMSET((void*)cipherBuf, 0, sz + delta);
XMEMSET((void*)authTag, 0, authTagSz);
}
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
if (ret == 0 &&
info->session_key_set == 1) {
info->keyflgs_tls.bits.session_key_set == 1) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
*/
@@ -174,21 +176,29 @@ WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
}
}
else if (info->aes256_installedkey_set == 1 || info->aes128_installedkey_set == 1) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_client_aes, &info->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t));
else {
#else
if (ret == 0) {
#endif
if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_client_aes,
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t));
}
else {
XMEMCPY(&key_client_aes,
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
}
iv_l = iv;
ivSz_l = ivSz;
}
else {
XMEMCPY(&key_client_aes, &info->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
WOLFSSL_MSG("AES key for SCE is not set.");
ret = -1;
}
iv_l = iv;
ivSz_l = ivSz;
}
else {
WOLFSSL_MSG("AES key for SCE is not set.");
ret = -1;
}
if (ret == 0) {
@@ -339,9 +349,9 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
XMEMCPY(cipherBuf, in, sz);
XMEMCPY(aTagBuf, authTag, authTagSz);
}
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
if (ret == 0 &&
info->session_key_set == 1) {
info->keyflgs_tls.bits.session_key_set == 1) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
*/
@@ -361,23 +371,31 @@ WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
ret = -1;
}
}
else if (info->aes256_installedkey_set == 1 || info->aes128_installedkey_set == 1) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_server_aes, &info->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t));
else {
#else
if (ret == 0) {
#endif
if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_server_aes,
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
sizeof(sce_aes_wrapped_key_t));
}
else {
XMEMCPY(&key_server_aes,
(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
}
iv_l = iv;
ivSz_l = ivSz;
}
else {
XMEMCPY(&key_server_aes, &info->sce_wrapped_key_aes128,
sizeof(sce_aes_wrapped_key_t));
WOLFSSL_MSG("AES key for SCE is not set.");
ret = -1;
}
iv_l = iv;
ivSz_l = ivSz;
}
else {
WOLFSSL_MSG("AES key for SCE is not set.");
ret = -1;
}
if (ret == 0) {
/* since key_index has iv and ivSz in it, no need to pass them init
* func. Pass NULL and 0 as 3rd and 4th parameter respectively.
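Review bot: In the restructured installed-key branch of `wc_sce_AesGcmEncrypt` (and the identical one in `wc_sce_AesGcmDecrypt`), the outer test accepts either flag but the key is then chosen by `aes->ctx.keySize` alone. With only `aes128_installedkey_set` set and a 32-byte key, the code copies `sce_wrapped_key_aes256`, which was never installed, and the reverse case has the same problem. Tie each copy to its own flag, e.g. `if (aes->ctx.keySize == 32 && info->keyflgs_crypt.bits.aes256_installedkey_set == 1)` and `else if (aes->ctx.keySize == 16 && info->keyflgs_crypt.bits.aes128_installedkey_set == 1)`, and let everything else reach the "AES key for SCE is not set." path. The source operand also changed from `&info->sce_wrapped_key_aes256` to `(sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256`, while renesas_common.c still copies from `&cbInfo->sce_wrapped_key_aes256`. If the member is now a pointer (its declaration is not in this diff), this copy needs a NULL check and the renesas_common.c copies read from the wrong address. Both function bodies start and end outside these hunks.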


@@ -0,0 +1,437 @@
/* renesas_sce_rsa.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#if !defined(NO_RSA) && \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#include <string.h>
#include <stdio.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/rsa.h>
#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
/* Make Rsa key for SCE and set it to callback ctx
* Assumes to be called by Crypt Callback
*
* size desired keylenth, in bits. supports 1024 or 2048 bits
* ctx Callback context including pointer to hold generated key
* return FSP_SUCCESS(0) on Success, otherwise negative value
*/
WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
{
fsp_err_t ret;
User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
sce_rsa1024_wrapped_pair_key_t *wrapped_pair1024_key = NULL;
sce_rsa2048_wrapped_pair_key_t *wrapped_pair2048_key = NULL;
/* sanity check */
if (ctx == NULL)
return BAD_FUNC_ARG;
if ((ret = wc_sce_hw_lock()) == 0) {
if (size == 1024) {
wrapped_pair1024_key =
(sce_rsa1024_wrapped_pair_key_t*)XMALLOC(
sizeof(sce_rsa1024_wrapped_pair_key_t), NULL,
DYNAMIC_TYPE_RSA_BUFFER);
if (wrapped_pair1024_key == NULL)
return MEMORY_E;
ret = R_SCE_RSA1024_WrappedKeyPairGenerate(wrapped_pair1024_key);
}
else if (size == 2048) {
wrapped_pair2048_key =
(sce_rsa1024_wrapped_pair_key_t*)XMALLOC(
sizeof(sce_rsa2048_wrapped_pair_key_t), NULL,
DYNAMIC_TYPE_RSA_BUFFER);
if (wrapped_pair2048_key == NULL)
return MEMORY_E;
ret = R_SCE_RSA2048_WrappedKeyPairGenerate(wrapped_pair2048_key);
}
else
return CRYPTOCB_UNAVAILABLE;
if (ret == FSP_SUCCESS) {
if (size == 1024) {
if (info->sce_wrapped_key_rsapri1024 != NULL) {
XFREE(info->sce_wrapped_key_rsapri1024, NULL,
DYNAMIC_TYPE_RSA_BUFFER);
}
if (info->sce_wrapped_key_rsapub1024 != NULL) {
XFREE(info->sce_wrapped_key_rsapub1024, NULL,
DYNAMIC_TYPE_RSA_BUFFER);
}
info->sce_wrapped_key_rsapri1024 =
(sce_rsa1024_private_wrapped_key_t*)XMALLOC(
sizeof(sce_rsa1024_private_wrapped_key_t), NULL,
DYNAMIC_TYPE_RSA_BUFFER);
if (info->sce_wrapped_key_rsapri1024 == NULL) {
XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
return MEMORY_E;
}
info->sce_wrapped_key_rsapub1024 =
(sce_rsa1024_public_wrapped_key_t*)XMALLOC(
sizeof(sce_rsa1024_public_wrapped_key_t), NULL,
DYNAMIC_TYPE_RSA_BUFFER);
if (info->sce_wrapped_key_rsapub1024 == NULL) {
XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
XFREE(info->sce_wrapped_key_rsapub1024, 0,
DYNAMIC_TYPE_RSA_BUFFER);
return MEMORY_E;
}
/* copy generated key pair and free malloced key */
XMEMCPY(info->sce_wrapped_key_rsapri1024,
&wrapped_pair1024_key->priv_key,
sizeof(sce_rsa1024_private_wrapped_key_t));
XMEMCPY(info->sce_wrapped_key_rsapub1024,
&wrapped_pair1024_key->pub_key,
sizeof(sce_rsa1024_public_wrapped_key_t));
XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
info->keyflgs_crypt.bits.rsapri1024_installedkey_set = 1;
info->keyflgs_crypt.bits.rsapub1024_installedkey_set = 1;
}
else if (size == 2048) {
if (info->sce_wrapped_key_rsapri2048 != NULL) {
XFREE(info->sce_wrapped_key_rsapri2048, NULL,
DYNAMIC_TYPE_RSA_BUFFER);
}
if (info->sce_wrapped_key_rsapub2048 != NULL) {
XFREE(info->sce_wrapped_key_rsapub2048, NULL,
DYNAMIC_TYPE_RSA_BUFFER);
}
info->sce_wrapped_key_rsapri2048 =
(sce_rsa2048_private_wrapped_key_t*)XMALLOC(
sizeof(sce_rsa2048_private_wrapped_key_t), NULL,
DYNAMIC_TYPE_RSA_BUFFER);
if (info->sce_wrapped_key_rsapri2048 == NULL) {
XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
return MEMORY_E;
}
info->sce_wrapped_key_rsapub2048 =
(sce_rsa2048_public_wrapped_key_t*)XMALLOC(
sizeof(sce_rsa2048_public_wrapped_key_t), NULL,
DYNAMIC_TYPE_RSA_BUFFER);
if (info->sce_wrapped_key_rsapub2048 == NULL) {
XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
XFREE(info->sce_wrapped_key_rsapub1024, 0,
DYNAMIC_TYPE_RSA_BUFFER);
return MEMORY_E;
}
/* copy generated key pair and free malloced key */
XMEMCPY(info->sce_wrapped_key_rsapri2048,
&wrapped_pair2048_key->priv_key,
sizeof(sce_rsa2048_private_wrapped_key_t));
XMEMCPY(info->sce_wrapped_key_rsapub2048,
&wrapped_pair2048_key->pub_key,
sizeof(sce_rsa2048_public_wrapped_key_t));
XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
info->keyflgs_crypt.bits.rsapri2048_installedkey_set = 1;
info->keyflgs_crypt.bits.rsapub2048_installedkey_set = 1;
}
}
else {
WOLFSSL_MSG("Failed to generate key pair by SCE");
return CRYPTOCB_UNAVAILABLE;
}
wc_sce_hw_unlock();
}
}
/* Perform rsa encryption/decryption by SCE
* Assumes to be called by Crypt Callback
*
* in Buffer to hold plain text
* inLen Length of plain text in bytes
* out Buffer to hold cipher text
* outLen Length of cipher in bytes
* key Rsa key object
* rng rng object
* ctx Callback context
* return FSP_SUCCESS(0) on Success, otherwise negative value
*/
WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
word32 outLen, int type, struct RsaKey* key,
struct WC_RNG* rng, void* ctx)
{
int ret;
sce_rsa_byte_data_t plain;
sce_rsa_byte_data_t cipher;
User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
int keySize;
(void) key;
(void) rng;
/* sanity check */
if (in == NULL || out == NULL || outLen == NULL ||
ctx == NULL){
return BAD_FUNC_ARG;
}
keySize = 0;
if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
keySize = 2048;
else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
keySize = 1024;
if (keySize == 0) {
WOLFSSL_MSG("keySize is invalid, neither 128 or 256 bytes, "
"1024 or 2048 bits.");
return BAD_FUNC_ARG;
}
if ((ret = wc_sce_hw_lock()) == 0) {
if (type == RSA_PUBLIC_ENCRYPT) {
plain.pdata = (byte*)in;
plain.data_length = inLen;
cipher.pdata = out;
cipher.data_length = outLen;
if (keySize == 1024) {
if(info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1)
ret = R_SCE_RSAES_PKCS1024_Encrypt(&plain, &cipher,
(sce_rsa1024_public_wrapped_key_t*)
info->sce_wrapped_key_rsapub1024);
else {
WOLFSSL_MSG("wrapped public 1024 bits key is not set.");
return BAD_FUNC_ARG;
}
}
else {
if(info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1)
ret = R_SCE_RSAES_PKCS2048_Encrypt(&plain, &cipher,
(sce_rsa2048_public_wrapped_key_t*)
info->sce_wrapped_key_rsapub2048);
else {
WOLFSSL_MSG("wrapped public 2048 bits key is not set.");
return BAD_FUNC_ARG;
}
}
}
else if (type == RSA_PRIVATE_DECRYPT) {
plain.pdata = out;
plain.data_length = outLen;
cipher.pdata = (byte*)in;
cipher.data_length = inLen;
if (keySize == 1024) {
if(info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1)
ret = R_SCE_RSAES_PKCS1024_Decrypt(&cipher, &plain,
(sce_rsa1024_private_wrapped_key_t*)
info->sce_wrapped_key_rsapri1024);
else {
WOLFSSL_MSG("wrapped private 2048 bits key is not set.");
return BAD_FUNC_ARG;
}
}
else {
if(info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1)
ret = R_SCE_RSAES_PKCS2048_Decrypt(&cipher, &plain,
(sce_rsa2048_private_wrapped_key_t*)
info->sce_wrapped_key_rsapri2048);
else {
WOLFSSL_MSG("wrapped private 2048 bits key is not set.");
return BAD_FUNC_ARG;
}
}
}
wc_sce_hw_unlock();
}
return ret;
}
/* Perform Rsa sign by SCE
* Assumes to be called by Crypt Callback
*
* in Buffer to hold plaintext
* inLen Length of plaintext in bytes
* out Buffer to hold generated signature
* outLen Length of signature in bytes
* key rsa key object
* ctx The callback context
* return FSP_SUCCESS(0) on Success, otherwise negative value
*/
WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
word32* outLen, struct RsaKey* key, void* ctx)
{
int ret;
sce_rsa_byte_data_t message_hash;
sce_rsa_byte_data_t signature;
User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
int keySize;
(void) key;
/* sanity check */
if (in == NULL || out == NULL || outLen == NULL ||
key == NULL || ctx == NULL){
return BAD_FUNC_ARG;
}
keySize = 0;
if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
keySize = 2048;
else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
keySize = 1024;
if (keySize == 0) {
WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits.");
return BAD_FUNC_ARG;
}
message_hash.pdata = in;
message_hash.data_length = inLen;
message_hash.data_type =
info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
signature.pdata = out;
signature.data_length = outLen;
if ((ret = wc_sce_hw_lock()) == 0) {
if (keySize == 1024) {
ret = R_SCE_RSASSA_PKCS1024_SignatureGenerate(&message_hash,
&signature,
(sce_rsa1024_private_wrapped_key_t *)
info->sce_wrapped_key_rsapri1024,
HW_SCE_RSA_HASH_SHA256);
}
else {
ret = R_SCE_RSASSA_PKCS2048_SignatureGenerate(&message_hash,
&signature,
(sce_rsa2048_private_wrapped_key_t *)
info->sce_wrapped_key_rsapri2048,
HW_SCE_RSA_HASH_SHA256);
}
wc_sce_hw_unlock();
}
return ret;
}
/* Perform Rsa verify by SCE
* Assumes to be called by Crypt Callback
*
* in Buffer to hold plaintext
* inLen Length of plaintext in bytes
* out Buffer to hold generated signature
* outLen Length of signature in bytes
* key rsa key object
* ctx The callback context
* return FSP_SUCCESS(0) on Success, otherwise negative value
*/
WOLFSSL_LOCAL int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
word32* outLen,struct RsaKey* key, void* ctx)
{
int ret;
sce_rsa_byte_data_t message_hash;
sce_rsa_byte_data_t signature;
User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
int keySize;
(void) key;
/* sanity check */
if (in == NULL || out == NULL || outLen == NULL ||
key == NULL || ctx == NULL){
return BAD_FUNC_ARG;
}
keySize = 0;
if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
keySize = 2048;
else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
keySize = 1024;
if (keySize == 0) {
WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits.");
return BAD_FUNC_ARG;
}
message_hash.pdata = in;
message_hash.data_length = inLen;
message_hash.data_type =
info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
signature.pdata = out;
signature.data_length = outLen;
if ((ret = wc_sce_hw_lock()) == 0) {
if (keySize == 1024) {
ret = R_SCE_RSASSA_PKCS1024_SignatureVerify(&signature,
&message_hash,
(sce_rsa1024_public_wrapped_key_t *)
info->sce_wrapped_key_rsapub1024,
HW_SCE_RSA_HASH_SHA256);
}
else {
ret = R_SCE_RSASSA_PKCS2048_SignatureVerify(&signature,
&message_hash,
(sce_rsa2048_public_wrapped_key_t *)
info->sce_wrapped_key_rsapub2048,
HW_SCE_RSA_HASH_SHA256 );
}
wc_sce_hw_unlock();
}
return ret;
}
#endif /* !NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
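Review bot: Every early `return` inside the `wc_sce_hw_lock()` block of `wc_sce_MakeRsaKey` (the `MEMORY_E` and `CRYPTOCB_UNAVAILABLE` paths) leaves the SCE lock held, and the function reaches its closing brace without `return ret;`, so the success path hands an indeterminate value back to the crypto callback. `wc_sce_RsaFunction` has the same lock leak on its `BAD_FUNC_ARG` returns. The public-key allocation failure paths free the wrong member: the 1024 branch frees the NULL `sce_wrapped_key_rsapub1024` and leaks the `rsapri1024` allocated just above, and the 2048 branch frees `sce_wrapped_key_rsapub1024`, which may be a live installed key and is left dangling with its flag still set. Old keys are also freed without clearing their pointers or `*_installedkey_set` flags, so a later failure leaves a flag that refers to freed memory; a single cleanup label that frees the temporary pair, unlocks and returns `ret` covers these paths. Separately, `signature.data_length = outLen;` in `wc_sce_RsaSign` and `wc_sce_RsaVerify` stores the pointer rather than `*outLen`, and both choose `keySize` from either the private or the public flag before dereferencing one specific key member.

```c
WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
{
    /* … unchanged: declarations and ctx NULL check … */

    /* reject unsupported sizes before the hardware lock is taken */
    if (size != 1024 && size != 2048)
        return CRYPTOCB_UNAVAILABLE;

    if ((ret = wc_sce_hw_lock()) != 0)
        return ret;

    /* … unchanged: allocate the temporary pair and generate the key;
     *   every failure sets ret and jumps to out instead of returning,
     *   and the success path no longer frees the pair inline … */

    /* 1024-bit branch, public-key allocation failed: release the private
     * key allocated just above and clear both flags */
    if (info->sce_wrapped_key_rsapub1024 == NULL) {
        XFREE(info->sce_wrapped_key_rsapri1024, NULL,
              DYNAMIC_TYPE_RSA_BUFFER);
        info->sce_wrapped_key_rsapri1024 = NULL;
        info->keyflgs_crypt.bits.rsapri1024_installedkey_set = 0;
        info->keyflgs_crypt.bits.rsapub1024_installedkey_set = 0;
        ret = MEMORY_E;
        goto out;
    }
    /* … 2048-bit branch: same pattern with the rsapri2048 / rsapub2048
     *   members … */

out:
    if (wrapped_pair1024_key != NULL)
        XFREE(wrapped_pair1024_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
    if (wrapped_pair2048_key != NULL)
        XFREE(wrapped_pair2048_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
    wc_sce_hw_unlock();
    return ret;
}
```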


@@ -30,7 +30,8 @@
#include <wolfssl/wolfcrypt/logging.h>
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>


@@ -20,7 +20,8 @@
*/
#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -168,6 +169,8 @@ WOLFSSL_LOCAL void wc_sce_Close()
}
}
#ifndef WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
/* Verify Server Key Exchange while doing ECDH key exchange */
static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig,
@@ -220,11 +223,11 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
cbInfo->pk_key_set = 0;
cbInfo->keyflgs_tls.bits.pk_key_set = 0;
}
else {
ret = WOLFSSL_SUCCESS;
cbInfo->pk_key_set = 1;
cbInfo->keyflgs_tls.bits.pk_key_set = 1;
}
}
else {
@@ -358,7 +361,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
WOLFSSL_PKMSG("PK ECC PMS: Side %s, Peer Curve %d\n",
side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id);
if (cbInfo->pk_key_set == 1) {
if (cbInfo->keyflgs_tls.bits.pk_key_set == 1) {
if ((ret = wc_sce_hw_lock()) == 0) {
/* Generate ECC PUblic key pair */
ret = R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate(
@@ -404,6 +407,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
return ret;
}
#endif
/* Return tls cipher suite enumeration that is supported by SCE library */
static uint32_t GetSceCipherSuite(
uint8_t cipherSuiteFirst,
@@ -780,7 +784,7 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
dec->aes->devId = devId;
/* marked as session key is set */
cbInfo->session_key_set = 1;
cbInfo->keyflgs_tls.bits.session_key_set = 1;
}
/* unlock hw */
wc_sce_hw_unlock();
@@ -1134,8 +1138,8 @@ WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
return -1;
}
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx] = (User_SCEPKCbInfo*)user_ctx;
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->pk_key_set = 0;
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->session_key_set = 0;
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.pk_key_set = 0;
gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.session_key_set = 0;
wolfSSL_SetEccVerifyCtx(ssl, user_ctx);
wolfSSL_SetRsaEncCtx(ssl, user_ctx);
@@ -1151,5 +1155,6 @@ WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
return 0;
}
#endif /* !WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
#endif /* WOLFSSL_RENESAS_SCEPROTECT */
#endif /* WOLFSSL_RENESAS_SCEPROTECT || WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */


@@ -3488,7 +3488,8 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
}
return ret;
}
#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
#elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#include "r_sce.h"
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)


@@ -3385,7 +3385,22 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
pad_value, pad_type, hash, mgf, label,
labelSz, sz);
}
#endif /* WOLFSSL_CRYPTOCELL */
#elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
/* SCE needs warpped key which is passed via
* user ctx object of crypt-call back.
*/
#ifdef WOLF_CRYPTO_CB
if (key->devId != INVALID_DEVID) {
/* SCE supports 1024 and 2048 bits */
ret = wc_CryptoCb_Rsa(in, inLen, out,
outLen, rsa_type, key, rng);
if (ret != CRYPTOCB_UNAVAILABLE)
return ret;
/* fall-through when unavailable */
ret = 0; /* reset error code and try using software */
}
#endif
#endif /* WOLFSSL_SE050 */
key->state = RSA_STATE_ENCRYPT_PAD;
ret = wc_RsaPad_ex(in, inLen, out, (word32)sz, pad_value, rng, pad_type,
@@ -3529,6 +3544,18 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
}
return ret;
}
#elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#ifdef WOLF_CRYPTO_CB
if (key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Rsa(in, inLen, out,
outLen, rsa_type, key, rng);
if (ret != CRYPTOCB_UNAVAILABLE)
return ret;
/* fall-through when unavailable */
ret = 0; /* reset error code and try using software */
}
#endif
#endif /* WOLFSSL_CRYPTOCELL */
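Review bot: Both new `WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY` blocks call `wc_CryptoCb_Rsa` before any padding is applied and without looking at `pad_type`, `hash` or `mgf`. The SCE entry points this path reaches in renesas_sce_rsa.c are the `R_SCE_RSAES_PKCS*` / `R_SCE_RSASSA_PKCS*` calls with a fixed `HW_SCE_RSA_HASH_SHA256`. A caller that asked for OAEP or PSS, or for a different hash, would therefore appear to get a PKCS#1 v1.5 / SHA-256 operation whenever a wrapped key is installed, and only the software fallback honours the requested scheme. Restrict the hardware path to what it implements, e.g. `if (key->devId != INVALID_DEVID && pad_type == WC_RSA_PKCSV15_PAD) {`, in both `RsaPublicEncryptEx` and `RsaPrivateDecryptEx`. Both function bodies start and end outside these hunks.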


@@ -222,7 +222,9 @@ on the specific device platform.
(!defined(WOLFSSL_RENESAS_TSIP_CRYPT) || defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \
!defined(WOLFSSL_PSOC6_CRYPTO) && !defined(WOLFSSL_IMXRT_DCP) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
!defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050_HASH) && \
(!defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) && \
((!defined(WOLFSSL_RENESAS_SCEPROTECT) && \
!defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) \
|| defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) && \
(!defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH)) && \
!defined(WOLFSSL_RENESAS_RX64_HASH)
@@ -796,7 +798,8 @@ static int InitSha256(wc_Sha256* sha256)
/* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
#elif defined(WOLFSSL_RENESAS_SCEPROTECT) && \
#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
/* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */
@@ -1804,7 +1807,8 @@ void wc_Sha256Free(wc_Sha256* sha256)
(defined(WOLFSSL_DEVCRYPTO_HASH) && defined(WOLFSSL_DEVCRYPTO_HASH_KEEP)) || \
(defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) || \
(defined(WOLFSSL_RENESAS_SCEPROTECT) && \
((defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) || \
defined(WOLFSSL_RENESAS_RX64_HASH) || \
defined(WOLFSSL_HASH_KEEP)
@@ -1992,7 +1996,8 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
/* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
#elif defined(WOLFSSL_RENESAS_SCEPROTECT) && \
#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
/* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */


@@ -61,7 +61,8 @@
#if defined(WOLFSSL_RENESAS_TSIP)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#endif
#if defined(WOLFSSL_RENESAS_SCE)
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
#endif
#if defined(WOLFSSL_RENESAS_RX64_HASH)
@@ -187,7 +188,8 @@ int wolfCrypt_Init(void)
}
#endif
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
ret = wc_sce_Open( );
if( ret != FSP_SUCCESS ) {
WOLFSSL_MSG("RENESAS SCE Open failed");
@@ -436,7 +438,8 @@ int wolfCrypt_Cleanup(void)
rx64_hw_Close();
#endif
#ifdef WOLFSSL_RENESAS_SCEPROTECT
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
wc_sce_Close();
#endif