generalize sce protect impl to fsp sm(secure module)

IDE/Renesas/e2studio/RA6M4/common/user_settings.h

@@ -18,6 +18,32 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+    /* FSP SM stands for Flexible Software Package Security Module
+    *  WOLFSSL_RENESAS_FSPSM enables fundamental code when it uses.
+    *    e.g. Open/Close/Random generator
+    *  WOLFSSL_RENESAS_FSPSPM_TLS enables TLS related code for FSP SM
+    *    e.g. Certificate verification, Master Secret Generation
+    *  WOLFSSL_RENESAS_SCEPROTECT enables specific code for SCE if needed
+    */
+#   define WOLFSSL_RENESAS_FSPSM
+#   define WOLFSSL_RENESAS_FSPSM_TLS
+#endif
+
+    /* XXX_CRYPTONLY definition enables FSP SM module for Crypto only use.
+    *  Therefore, it disables TLS related API use
+    */
+/* #   define WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+#   undef  WOLFSSL_RENESAS_FSPSM_TLS
+#   define WOLFSSL_RENESAS_FSPSM_CRYPTONLY
+
+#   if !defined(WOLFSSL_RENESAS_SCEPROTECT)
+#        define WOLFSSL_RENESAS_SCEPROTECT
+#   endif
+#endif
+
 /* Operating Environment and Threading */
 #define FREERTOS
 #define FREERTOS_TCP
@@ -61,6 +87,9 @@
     #define printf myprintf
 #endif
 
+/* Enable the following definition to use TLS 1.3
+ * For TLS1.3 use "extended-master" needs to turn on
+ */
 /* #define WOLFSSL_TLS13 */
 
 #if defined(WOLFSSL_TLS13)

IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h

@@ -82,7 +82,7 @@ typedef struct tagTestInfo
 void sce_test();
 void TCPInit();
 void wolfSSL_TLS_client_init();
-void wolfSSL_TLS_client_do(void *pvParam);
+int wolfSSL_TLS_client_do(void *pvParam);
 void wolfSSL_TLS_cleanup();
 extern WOLFSSL_CTX *client_ctx;
 

IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c

@@ -72,32 +72,32 @@ const st_user_key_block_data_t g_key_block_data =
  * This is used for Root Certificate verify by SCE */
 const unsigned char ca_cert_der_sign[] =
 {
-        0x19, 0xB4, 0xD1, 0x53, 0xBB, 0x87, 0x0B, 0xD8, 0xD8, 0xFC,
-        0x22, 0x21, 0xA6, 0xC1, 0xE5, 0xB2, 0x7A, 0xEF, 0xAF, 0x89,
-        0x8B, 0x92, 0xC9, 0x4E, 0x59, 0xF0, 0x0B, 0xAB, 0x24, 0x84,
-        0x60, 0x2D, 0x81, 0x42, 0x4A, 0x05, 0x2F, 0x2D, 0xAB, 0x20,
-        0x3F, 0x8D, 0xCA, 0x9F, 0x37, 0x4B, 0xDF, 0xE3, 0x2A, 0xA3,
-        0x3F, 0x4E, 0x09, 0x20, 0x08, 0xD4, 0x46, 0xD9, 0xF0, 0xD8,
-        0xA7, 0x43, 0x60, 0xE2, 0x1D, 0xF7, 0x25, 0x64, 0x38, 0xD2,
-        0xB1, 0x4E, 0x1F, 0x84, 0xFC, 0xC5, 0x55, 0x2C, 0x1A, 0xA2,
-        0xCE, 0x99, 0xD0, 0x21, 0x93, 0xA5, 0xDB, 0x6F, 0x14, 0x2C,
-        0xDF, 0x9A, 0x01, 0x6A, 0x9A, 0xCC, 0xB0, 0x08, 0xD8, 0xCF,
-        0xA8, 0x94, 0x41, 0x23, 0xBB, 0xC2, 0xA3, 0x8B, 0x77, 0x35,
-        0x27, 0x0D, 0x94, 0x16, 0xF3, 0xCA, 0x16, 0xA2, 0x4C, 0x2F,
-        0xB0, 0x8D, 0xE6, 0x38, 0xCC, 0x9C, 0x34, 0xE8, 0xDC, 0xDC,
-        0x1C, 0x5C, 0x88, 0x52, 0x97, 0x47, 0xC6, 0xB6, 0x66, 0xCF,
-        0xCE, 0xBF, 0xF0, 0x24, 0x19, 0x0F, 0x07, 0xA5, 0xC4, 0xC6,
-        0x37, 0x0D, 0x2A, 0x11, 0x6A, 0x66, 0x64, 0x62, 0x0E, 0xE6,
-        0xCB, 0xAF, 0xFB, 0x2E, 0x8E, 0x37, 0x1E, 0x6D, 0xD1, 0xAD,
-        0xE4, 0x16, 0x06, 0xFB, 0x43, 0x2E, 0x4D, 0x64, 0x18, 0xB2,
-        0x4C, 0xE7, 0xD3, 0xE9, 0x9B, 0x95, 0x13, 0x7D, 0x7D, 0x93,
-        0xC2, 0x34, 0x43, 0x0C, 0xFF, 0x58, 0xD3, 0xA7, 0x21, 0x8E,
-        0x2B, 0xB3, 0x36, 0x90, 0xF1, 0x1E, 0x0E, 0x87, 0x41, 0x48,
-        0xC9, 0x69, 0x57, 0x89, 0xD0, 0xF7, 0x86, 0x47, 0x8F, 0xF5,
-        0xA8, 0x13, 0x24, 0x0A, 0x7E, 0xE3, 0xBB, 0x9F, 0xF1, 0xDF,
-        0x30, 0xE7, 0x88, 0x70, 0x8A, 0x46, 0xD9, 0x1A, 0x50, 0x42,
-        0x4F, 0xCF, 0xC3, 0xCB, 0xCF, 0xE4, 0xA7, 0xA3, 0x74, 0x0A,
-        0xDE, 0x14, 0xAF, 0xA5, 0x7F, 0xE2
+        0x70, 0x4D, 0x6C, 0xCC, 0xAD, 0xD0, 0x74, 0x34, 0x10, 0xB3,
+        0x1F, 0x26, 0x49, 0x31, 0xD0, 0xD5, 0x0B, 0x4F, 0x50, 0xD4,
+        0x21, 0x7D, 0x3D, 0xE6, 0x9D, 0x5A, 0xF1, 0xE4, 0x48, 0xBD,
+        0x6D, 0xB3, 0x58, 0xB4, 0x07, 0xF1, 0x06, 0xA7, 0x3D, 0xB7,
+        0x24, 0x60, 0xBD, 0x72, 0xB2, 0x7B, 0xA8, 0x4F, 0xFC, 0x47,
+        0x64, 0xF0, 0x04, 0xBE, 0xC7, 0xAE, 0xB6, 0x6F, 0xA5, 0xD6,
+        0x65, 0xE9, 0xB5, 0x3D, 0x8A, 0xC8, 0x27, 0x9A, 0x3B, 0x4C,
+        0x98, 0xB0, 0x5F, 0x1E, 0x54, 0xA5, 0xEF, 0xBC, 0x61, 0xA7,
+        0x3F, 0xB7, 0x5D, 0x36, 0x5A, 0x27, 0x1C, 0x5A, 0xAF, 0x65,
+        0x7A, 0x89, 0x4F, 0x00, 0xB1, 0x75, 0xA7, 0xA9, 0x5C, 0xE8,
+        0xC8, 0x0E, 0x5C, 0x83, 0x12, 0x47, 0x11, 0xD1, 0xBD, 0xF4,
+        0x10, 0x7D, 0x7B, 0xD6, 0x05, 0xF7, 0xBE, 0xD2, 0x70, 0x05,
+        0x56, 0xD6, 0x84, 0x70, 0x11, 0x3D, 0x67, 0x93, 0x2E, 0xB0,
+        0x93, 0xBA, 0x34, 0xD0, 0xDE, 0xB8, 0x16, 0x7B, 0x0D, 0x67,
+        0x16, 0x92, 0x91, 0x79, 0xAC, 0x3C, 0xC9, 0x4D, 0x8A, 0xEE,
+        0x31, 0xCC, 0xFC, 0xF7, 0x78, 0xB3, 0x1B, 0x0F, 0x54, 0xCE,
+        0xF4, 0xBB, 0xE7, 0xF4, 0xAC, 0x80, 0xEF, 0xDD, 0xFF, 0x84,
+        0x7A, 0x37, 0xED, 0xC4, 0x45, 0x3D, 0x7C, 0x19, 0x81, 0x95,
+        0x2E, 0x71, 0xE7, 0x1B, 0x1C, 0x75, 0x67, 0xBC, 0x62, 0x0F,
+        0xAA, 0x90, 0x41, 0x01, 0x53, 0xD0, 0x3A, 0x6E, 0xE9, 0xC9,
+        0xAA, 0x2F, 0xD1, 0xD8, 0xB3, 0x3B, 0x80, 0xCA, 0xE5, 0xA1,
+        0x1B, 0x7F, 0xCF, 0xF5, 0xBF, 0x2C, 0x2B, 0xBE, 0x1F, 0x77,
+        0x89, 0x21, 0xD7, 0x76, 0x51, 0xA8, 0xD0, 0x31, 0xE1, 0x97,
+        0xD1, 0x63, 0x84, 0xA2, 0xAA, 0x6E, 0x9A, 0x33, 0x43, 0x65,
+        0x2A, 0x6B, 0x40, 0x03, 0x84, 0x6F, 0xC7, 0xB3, 0xE5, 0xD8,
+        0x64, 0x30, 0x12, 0x2A, 0x45, 0x1D
 };
 
 const int sizeof_ca_cert_der_sign = sizeof(ca_cert_der_sign);
@@ -108,32 +108,32 @@ const int sizeof_ca_cert_der_sign = sizeof(ca_cert_der_sign);
  */
 const unsigned char ca_ecc_cert_der_sign[] =
 {
-        0x66, 0x96, 0xB4, 0x9F, 0x0B, 0x56, 0x60, 0x1F, 0x01, 0x7A,
-        0xDE, 0x65, 0xD6, 0x8C, 0x2A, 0xE2, 0x20, 0xA0, 0xE8, 0x19,
-        0x99, 0x70, 0x8B, 0x17, 0x1B, 0xDA, 0x8C, 0x3A, 0x87, 0x07,
-        0xE7, 0xF9, 0x1B, 0x7C, 0xC1, 0x32, 0x55, 0x38, 0x15, 0x9C,
-        0x7B, 0x89, 0xDA, 0x9D, 0x57, 0x80, 0x50, 0xCF, 0xA6, 0x4C,
-        0x51, 0x71, 0xBA, 0x52, 0xFA, 0x58, 0x4C, 0xE7, 0x33, 0x08,
-        0xB9, 0xE7, 0x5F, 0x7E, 0x8A, 0x1D, 0xCC, 0xA8, 0x4A, 0xA9,
-        0xAF, 0xE5, 0xA1, 0x87, 0x59, 0xD0, 0xF7, 0x23, 0xAE, 0xC5,
-        0x42, 0x99, 0xFA, 0x4A, 0xAB, 0xFA, 0x08, 0xF9, 0x7C, 0x8D,
-        0xD3, 0xB1, 0xF7, 0xD8, 0x01, 0x3C, 0x06, 0xD5, 0x2C, 0xBF,
-        0x18, 0xF1, 0x45, 0x47, 0x5D, 0xA4, 0x7F, 0x90, 0x4E, 0x0C,
-        0x86, 0x41, 0x5F, 0x26, 0x25, 0x8B, 0x8A, 0xD8, 0x3F, 0x4B,
-        0xAF, 0xD5, 0xBE, 0xD9, 0xC6, 0x46, 0x2A, 0x2B, 0xC3, 0x10,
-        0x93, 0xCB, 0x1E, 0xFB, 0x3D, 0x8A, 0x39, 0xB6, 0x03, 0x9D,
-        0xC2, 0x16, 0xA1, 0xB5, 0x9C, 0x0D, 0x05, 0x5E, 0x1B, 0x30,
-        0x9F, 0x53, 0xEE, 0xF2, 0x27, 0xE1, 0xE3, 0x2F, 0xD9, 0xEB,
-        0xF2, 0xFE, 0xD3, 0x6C, 0x71, 0xCE, 0x28, 0x56, 0x9F, 0x85,
-        0x34, 0xAD, 0x9D, 0x3D, 0x22, 0x3A, 0x33, 0x3B, 0x9F, 0x55,
-        0x4F, 0x10, 0xA9, 0xD2, 0xAB, 0xE0, 0x29, 0x7A, 0x09, 0xF3,
-        0x4E, 0xC1, 0x21, 0xA7, 0xF4, 0xE5, 0x34, 0x6D, 0x68, 0x36,
-        0xE9, 0x7B, 0xD4, 0x42, 0x0A, 0xBC, 0xC4, 0x1F, 0x6C, 0x58,
-        0xB6, 0x65, 0x3F, 0x9F, 0x92, 0x65, 0xF9, 0x83, 0x7A, 0x94,
-        0x66, 0x7C, 0xB2, 0x03, 0x16, 0x65, 0x9E, 0xBF, 0x8C, 0x77,
-        0xB8, 0xA4, 0x13, 0x8B, 0xD3, 0x82, 0x39, 0x94, 0xD1, 0x2A,
-        0xE3, 0x3E, 0x51, 0xEB, 0x56, 0xE2, 0x92, 0x5C, 0x6B, 0xD1,
-        0x30, 0xD1, 0x91, 0x77, 0x6E, 0x28
+        0xB9, 0x59, 0x94, 0xE6, 0xD1, 0x5B, 0xFD, 0x59, 0xBB, 0x4F,
+        0x14, 0x0B, 0x9E, 0x30, 0x61, 0xF9, 0xFA, 0x2C, 0xD8, 0xE2,
+        0x7F, 0xD0, 0x1F, 0x47, 0xDE, 0x14, 0x8E, 0xD1, 0x78, 0x86,
+        0xA4, 0x9B, 0xDC, 0x86, 0x64, 0x2A, 0xD9, 0xBC, 0xBE, 0x61,
+        0x60, 0xB8, 0x1C, 0x46, 0xCE, 0x66, 0x97, 0xC0, 0x32, 0x04,
+        0x38, 0x3B, 0xCB, 0xB7, 0x38, 0x89, 0x11, 0xCE, 0xBA, 0x64,
+        0xE1, 0xDD, 0x4E, 0x3C, 0x6F, 0xA0, 0x48, 0xFA, 0x9F, 0x8F,
+        0xEC, 0x6A, 0xCA, 0xAC, 0x29, 0x4B, 0xD9, 0xF7, 0xE3, 0x03,
+        0xF7, 0xBA, 0xB8, 0xCC, 0x2C, 0xD1, 0xC8, 0x84, 0xFA, 0xF6,
+        0xFA, 0xE4, 0x72, 0xAF, 0x8D, 0x07, 0xF0, 0x3D, 0xD7, 0x58,
+        0x95, 0x08, 0x6F, 0xD5, 0x77, 0x1B, 0x92, 0x81, 0x99, 0x69,
+        0x5C, 0x4D, 0x8F, 0x98, 0xC6, 0x09, 0xC1, 0xEB, 0xB5, 0x86,
+        0x87, 0x47, 0xD7, 0x68, 0x73, 0xE8, 0x1D, 0x1B, 0xFE, 0xA5,
+        0x9C, 0x7A, 0x4B, 0xAD, 0x1A, 0x54, 0x46, 0xA0, 0xC8, 0xF7,
+        0x6C, 0xDD, 0xA6, 0xEF, 0x16, 0x21, 0x18, 0xCE, 0xF8, 0xDE,
+        0x3D, 0xB4, 0x56, 0x0C, 0xBA, 0xB7, 0x95, 0xD1, 0x6D, 0x0D,
+        0x49, 0xE7, 0x78, 0x64, 0x65, 0xC7, 0x24, 0x26, 0x81, 0xCD,
+        0x56, 0xB7, 0xB2, 0x31, 0xF2, 0xD7, 0x64, 0x55, 0x89, 0xCC,
+        0xDB, 0x69, 0x56, 0xED, 0x9B, 0x07, 0x9E, 0xD4, 0x07, 0x5E,
+        0xAF, 0xF0, 0x98, 0x94, 0xD6, 0x87, 0x0C, 0x22, 0xE1, 0x3A,
+        0x88, 0xE1, 0xC4, 0xBC, 0x51, 0x4B, 0x07, 0x4D, 0x2A, 0xCE,
+        0xA8, 0xE8, 0x9F, 0xF7, 0xA2, 0x8A, 0xEA, 0x90, 0x32, 0x20,
+        0xFC, 0xB6, 0x32, 0xE6, 0x8A, 0x47, 0x2B, 0xF4, 0xB4, 0x0F,
+        0x96, 0x7A, 0xC9, 0x0B, 0xF6, 0xBF, 0x69, 0x51, 0x9B, 0x44,
+        0xC2, 0xE2, 0xD6, 0x2D, 0xB1, 0x17, 0xAC, 0x7B, 0x32, 0xF2,
+        0x0E, 0x7A, 0x28, 0x67, 0xAB, 0xA5
 };
 static const int sizeof_ca_ecc_cert_der_sign = sizeof(ca_ecc_cert_der_sign);
 #endif /*  USE_CERT_BUFFERS_256 */

IDE/Renesas/e2studio/RA6M4/test/src/test_main.c

@@ -27,12 +27,12 @@
 
 #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
 defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
 #if defined(TLS_MULTITHREAD_TEST)
- User_SCEPKCbInfo guser_PKCbInfo_taskA;
- User_SCEPKCbInfo guser_PKCbInfo_taskB;
+ FSPSM_ST guser_PKCbInfo_taskA;
+ FSPSM_ST guser_PKCbInfo_taskB;
 #else
- User_SCEPKCbInfo guser_PKCbInfo;
+ FSPSM_ST guser_PKCbInfo;
 #endif
 #endif
 
@@ -128,35 +128,39 @@ static void my_Logging_cb(const int logLevel, const char *const logMessage)
 }
 #endif
 
-void Clr_CallbackCtx(User_SCEPKCbInfo *g)
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+void Clr_CallbackCtx(FSPSM_ST *g)
 {
-    if (g->sce_wrapped_key_aes256 != NULL)
-        XFREE(g->sce_wrapped_key_aes256,
+    (void) g;
+
+    if (g->wrapped_key_aes256 != NULL)
+        XFREE(g->wrapped_key_aes256,
                             NULL, DYNAMIC_TYPE_TMP_BUFFER);
 
-    if (g->sce_wrapped_key_aes128 != NULL)
-        XFREE(g->sce_wrapped_key_aes128,
+    if (g->wrapped_key_aes128 != NULL)
+        XFREE(g->wrapped_key_aes128,
                             NULL, DYNAMIC_TYPE_TMP_BUFFER);
                             
    #if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-    if (g->sce_wrapped_key_rsapri2048 != NULL)
-        XFREE(g->sce_wrapped_key_rsapri2048,
+    if (g->wrapped_key_rsapri2048 != NULL)
+        XFREE(g->wrapped_key_rsapri2048,
                             NULL, DYNAMIC_TYPE_TMP_BUFFER);
 
-    if (g->sce_wrapped_key_rsapub2048 != NULL)
-        XFREE(g->sce_wrapped_key_rsapub2048,
+    if (g->wrapped_key_rsapub2048 != NULL)
+        XFREE(g->wrapped_key_rsapub2048,
                             NULL, DYNAMIC_TYPE_TMP_BUFFER);
 
-    if (g->sce_wrapped_key_rsapri1024 != NULL)
-        XFREE(g->sce_wrapped_key_rsapri1024,
+    if (g->wrapped_key_rsapri1024 != NULL)
+        XFREE(g->wrapped_key_rsapri1024,
                             NULL, DYNAMIC_TYPE_TMP_BUFFER);
 
-    if (g->sce_wrapped_key_rsapub2048 != NULL)
-        XFREE(g->sce_wrapped_key_rsapub1024,
+    if (g->wrapped_key_rsapub2048 != NULL)
+        XFREE(g->wrapped_key_rsapub1024,
                             NULL, DYNAMIC_TYPE_TMP_BUFFER);
    #endif
     XMEMSET(g, 0, sizeof(User_SCEPKCbInfo));
 }
+#endif
 
 void sce_test(void)
 {
@@ -236,15 +240,15 @@ void sce_test(void)
         sce_aes_wrapped_key_t *p1 = NULL;
         sce_aes_wrapped_key_t *p2 = NULL;
 
-        guser_PKCbInfo.sce_wrapped_key_aes256 = 
+        guser_PKCbInfo.wrapped_key_aes256 =
             (sce_aes_wrapped_key_t*)XMALLOC(sizeof(sce_aes_wrapped_key_t), 
                                             NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        p1 = (sce_aes_wrapped_key_t*)guser_PKCbInfo.sce_wrapped_key_aes256;
+        p1 = (sce_aes_wrapped_key_t*)guser_PKCbInfo.wrapped_key_aes256;
 
-        guser_PKCbInfo.sce_wrapped_key_aes128 = 
+        guser_PKCbInfo.wrapped_key_aes128 =
             (sce_aes_wrapped_key_t*)XMALLOC(sizeof(sce_aes_wrapped_key_t), 
                                             NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        p2 = (sce_aes_wrapped_key_t*)guser_PKCbInfo.sce_wrapped_key_aes128;
+        p2 = (sce_aes_wrapped_key_t*)guser_PKCbInfo.wrapped_key_aes128;
 
         if ( p1 == NULL || p2 == NULL) {
             printf("failed to alloc memory!");
@@ -276,6 +280,16 @@ void sce_test(void)
     #include "hal_data.h"
     #include "r_sce.h"
     
+#if defined(WOLFSSL_TLS13)
+    /* TLS1.3 needs RSA_PSS enabled.
+     * SCE doesn't support RSA PSS Padding
+     */
+    const char* cipherlist[] = {
+        NULL
+    };
+    const int cipherlist_sz = 1;
+    TestInfo info[cipherlist_sz];
+#else
     #if defined(USE_CERT_BUFFERS_256)
         #if !defined(TLS_MULTITHREAD_TEST)
         const char* cipherlist[] = {
@@ -317,6 +331,7 @@ void sce_test(void)
         TestInfo info[cipherlist_sz];
        #endif
     #endif
+#endif
 
     #ifdef TLS_MULTITHREAD_TEST
     BaseType_t xReturned;
@@ -381,22 +396,26 @@ void sce_test(void)
 
     #else
 
+    int TCP_connect_retry = 0;
     wolfSSL_TLS_client_init();
 
     do {
 
-          info[i].port = DEFAULT_PORT;
-          info[i].cipher = cipherlist[i];
-          info[i].ctx = client_ctx;
-          info[i].id = i;
-
-          memset(info[i].name, 0, sizeof(info[i].name));
-          sprintf(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
+        info[i].port = DEFAULT_PORT;
+        info[i].cipher = cipherlist[i];
+        info[i].ctx = client_ctx;
+        info[i].id = i;
 
-          wolfSSL_TLS_client_do(&info[i]);
+        memset(info[i].name, 0, sizeof(info[i].name));
+        sprintf(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
 
+        if(wolfSSL_TLS_client_do(&info[i]) == -116) {
+            TCP_connect_retry++;
+            continue;
+        }
+        TCP_connect_retry = 0;
         i++;
-    } while (i < cipherlist_sz);
+    } while (i < cipherlist_sz && TCP_connect_retry < 5);
 
     #endif /* SCE_MULTITHREAD_TEST */
 

IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c

@@ -41,10 +41,14 @@ static const byte ucDNSServerAddress[4]   = { 192, 168, 11, 1 };
 
 #ifdef TLS_MULTITHREAD_TEST
      xSemaphoreHandle exit_semaph;
-     extern User_SCEPKCbInfo guser_PKCbInfo_taskA;
-     extern User_SCEPKCbInfo guser_PKCbInfo_taskB;
+#   ifdef WOLFSSL_RENESAS_SCEPROTECT
+     extern FSPSM_ST guser_PKCbInfo_taskA;
+     extern FSPSM_ST guser_PKCbInfo_taskB;
+#   endif
 #else
-     extern User_SCEPKCbInfo guser_PKCbInfo;
+#   ifdef WOLFSSL_RENESAS_SCEPROTECT
+     extern FSPSM_ST guser_PKCbInfo;
+#   endif
 #endif
 
 int SEGGER_RTT_vprintf(unsigned BufferIndex, const char * sFormat, va_list * pParamList);
@@ -125,7 +129,7 @@ void wolfSSL_TLS_client_init()
     #endif
 }
 
-void wolfSSL_TLS_client_do(void *pvParam)
+int wolfSSL_TLS_client_do(void *pvParam)
 {
 
     int ret;
@@ -192,17 +196,17 @@ void wolfSSL_TLS_client_do(void *pvParam)
        /* Set callback CTX */
         #if !defined(TLS_MULTITHREAD_TEST)
         
-        memset(&guser_PKCbInfo, 0, sizeof(User_SCEPKCbInfo));
+        memset(&guser_PKCbInfo, 0, sizeof(FSPSM_ST));
         guser_PKCbInfo.devId = 0;
         wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo);
         
         #else
         if (p->port - DEFAULT_PORT == 0) {
-           memset(&guser_PKCbInfo_taskA, 0, sizeof(User_SCEPKCbInfo));
+           memset(&guser_PKCbInfo_taskA, 0, sizeof(FSPSM_ST));
            wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo_taskA);
         }
         else {
-           memset(&guser_PKCbInfo_taskB, 0, sizeof(User_SCEPKCbInfo));
+           memset(&guser_PKCbInfo_taskB, 0, sizeof(FSPSM_ST));
            wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo_taskB);
         }
         #endif
@@ -257,7 +261,9 @@ void wolfSSL_TLS_client_do(void *pvParam)
         wolfSSL_free(ssl);
         ssl = NULL;
         /* need to reset callback */
+#ifdef WOLFSSL_RENESAS_SCEPROTECT
         wc_sce_set_callbacks(client_ctx);
+#endif
     }
     /* clean up socket */
     if (xClientSocket) {
@@ -270,7 +276,7 @@ void wolfSSL_TLS_client_do(void *pvParam)
     xSemaphoreGive(exit_semaph);
     vTaskDelete(NULL);
 #endif
-
+    return ret;
 }
 
 void wolfSSL_TLS_cleanup()

IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c

@@ -25,11 +25,14 @@
 #include <stdlib.h>
 
 #include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_RENESAS_SCEPROTECT
+
 #include <wolfssl/wolfcrypt/sha.h>
 #include <wolfssl/wolfcrypt/sha256.h>
 #include <wolfssl/wolfcrypt/aes.h>
 #include <wolfssl/wolfcrypt/rsa.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
 
 #include "FreeRTOS.h"
 
@@ -63,7 +66,7 @@ int sce_crypt_Sha_AesCbcGcm_multitest();
 int sce_crypt_sha_multitest();
 int sce_crypt_test();
 
-extern User_SCEPKCbInfo guser_PKCbInfo;
+extern FSPSM_ST guser_PKCbInfo;
 
 #if defined(HAVE_AES_CBC)
 
@@ -117,12 +120,12 @@ static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
     ret = wc_AesInit(aes, NULL, INVALID_DEVID);
     if (ret == 0) {
         ret = wc_AesSetKey(aes, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
-        XMEMCPY(&aes->ctx.sce_wrapped_key, aes_key,
+        XMEMCPY(&aes->ctx.wrapped_key, aes_key,
                         sizeof(sce_aes_wrapped_key_t));
 
         aes->ctx.keySize = (word32)aes->keylen;
         if (ret == 0) {
-            ret = wc_sce_AesCbcEncrypt(aes, cipher, msg, AES_BLOCK_SIZE);
+            ret = wc_fspsm_AesCbcEncrypt(aes, cipher, msg, AES_BLOCK_SIZE);
         }
 
         wc_AesFree(aes);
@@ -135,11 +138,11 @@ static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
     ret = wc_AesInit(aes, NULL, INVALID_DEVID);
     if (ret == 0) {
         ret = wc_AesSetKey(aes, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
-        XMEMCPY(&aes->ctx.sce_wrapped_key, aes_key,
+        XMEMCPY(&aes->ctx.wrapped_key, aes_key,
                 sizeof(sce_aes_wrapped_key_t));
         aes->ctx.keySize = (word32)aes->keylen;
         if (ret == 0)
-            ret = wc_sce_AesCbcDecrypt(aes, plain, cipher, AES_BLOCK_SIZE);
+            ret = wc_fspsm_AesCbcDecrypt(aes, plain, cipher, AES_BLOCK_SIZE);
 
         wc_AesFree(aes);
     }
@@ -224,7 +227,7 @@ static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
         ret = -3;
         goto out;
     } else {
-        XMEMCPY(&enc->ctx.sce_wrapped_key, aes_key,
+        XMEMCPY(&enc->ctx.wrapped_key, aes_key,
                                 sizeof(sce_aes_wrapped_key_t));
         enc->ctx.keySize = (word32)enc->keylen;
     }
@@ -234,13 +237,13 @@ static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
         ret = -4;
         goto out;
     } else {
-        XMEMCPY(&dec->ctx.sce_wrapped_key, aes_key,
+        XMEMCPY(&dec->ctx.wrapped_key, aes_key,
                                 sizeof(sce_aes_wrapped_key_t));
         dec->ctx.keySize = (word32)dec->keylen;
     }
 
     XMEMSET(cipher, 0, AES_BLOCK_SIZE);
-    ret = wc_sce_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
+    ret = wc_fspsm_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
 
     if (ret != 0) {
         ret = -5;
@@ -248,7 +251,7 @@ static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
     }
 
     XMEMSET(plain, 0, AES_BLOCK_SIZE);
-    ret = wc_sce_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
+    ret = wc_fspsm_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
 
     if (ret != 0){
         ret = -6;
@@ -295,7 +298,7 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
 {
     Aes enc[1];
     Aes dec[1];
-    User_SCEPKCbInfo userContext;
+    FSPSM_ST userContext;
     
     
     /*
@@ -369,7 +372,7 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
     XMEMSET(resultT, 0, sizeof(resultT));
     XMEMSET(resultC, 0, sizeof(resultC));
     XMEMSET(resultP, 0, sizeof(resultP));
-    XMEMSET(&userContext, 0, sizeof(User_SCEPKCbInfo));
+    XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
 
     if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
         ret = -1;
@@ -385,13 +388,13 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
         ret = -3;
         goto out;
     } else {
-        userContext.sce_wrapped_key_aes256 = (void*)aes256_key;
+        userContext.wrapped_key_aes256 = (void*)aes256_key;
         userContext.keyflgs_crypt.bits.aes256_installedkey_set = 1;
         enc->ctx.keySize = (word32)enc->keylen;
     }
 
     /* AES-GCM encrypt and decrypt both use AES encrypt internally */
-    result = wc_sce_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+    result = wc_fspsm_AesGcmEncrypt(enc, resultC, p, sizeof(p),
                                 (byte*)iv1, sizeof(iv1), 
                                 resultT, sizeof(resultT),
                                  a, sizeof(a), &userContext);
@@ -409,7 +412,7 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
         dec->ctx.keySize = (word32)enc->keylen;
     }
 
-    result = wc_sce_AesGcmDecrypt(dec, resultP, resultC, sizeof(c1),
+    result = wc_fspsm_AesGcmDecrypt(dec, resultP, resultC, sizeof(c1),
                 iv1, sizeof(iv1), resultT, sizeof(resultT),
                  a, sizeof(a), &userContext);
     if (result != 0){
@@ -427,7 +430,7 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
 
     wc_AesGcmSetKey(enc, k1, sizeof(k1));
     /* AES-GCM encrypt and decrypt both use AES encrypt internally */
-    result = wc_sce_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+    result = wc_fspsm_AesGcmEncrypt(enc, resultC, p, sizeof(p),
                                 (byte*)iv1, sizeof(iv1),
                                 resultT + 1, sizeof(resultT) - 1,
                                 a, sizeof(a), &userContext);
@@ -436,7 +439,7 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
         goto out;
     }
 
-    result = wc_sce_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
+    result = wc_fspsm_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
               iv1, sizeof(iv1), resultT + 1, sizeof(resultT) - 1, 
               a, sizeof(a), &userContext);
 
@@ -487,7 +490,7 @@ static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
 {
     Aes enc[1];
     Aes dec[1];
-    User_SCEPKCbInfo userContext;
+    FSPSM_ST userContext;
     
     /*
      * This is Test Case 16 from the document Galois/
@@ -564,7 +567,7 @@ static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
     XMEMSET(resultT, 0, sizeof(resultT));
     XMEMSET(resultC, 0, sizeof(resultC));
     XMEMSET(resultP, 0, sizeof(resultP));
-    XMEMSET(&userContext, 0, sizeof(User_SCEPKCbInfo));
+    XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
 
     if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
         ret = -1;
@@ -581,7 +584,7 @@ static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
         ret = -3;
         goto out;
     } else {
-        userContext.sce_wrapped_key_aes128 = aes128_key;
+        userContext.wrapped_key_aes128 = aes128_key;
         userContext.keyflgs_crypt.bits.aes128_installedkey_set = 1;
         enc->ctx.keySize = (word32)enc->keylen;
     }
@@ -1282,4 +1285,4 @@ int sce_crypt_Sha_AesCbcGcm_multitest()
 
     return ret;
 }
-
+#endif /* WOLFSSL_RENESAS_SCEPROTECT */

IDE/Renesas/e2studio/RA6M4/wolfssl/.project

@@ -397,24 +397,24 @@
 			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_common.c</locationURI>
 		</link>
 		<link>
-			<name>wolfCrypt/port/renesas_sce_aes.c</name>
+			<name>wolfCrypt/port/renesas_fspsm_aes.c</name>
 			<type>1</type>
-			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_aes.c</locationURI>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c</locationURI>
 		</link>
 		<link>
-			<name>wolfCrypt/port/renesas_sce_rsa.c</name>
+			<name>wolfCrypt/port/renesas_fspsm_rsa.c</name>
 			<type>1</type>
-			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c</locationURI>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c</locationURI>
 		</link>
 		<link>
-			<name>wolfCrypt/port/renesas_sce_sha.c</name>
+			<name>wolfCrypt/port/renesas_fspsm_sha.c</name>
 			<type>1</type>
-			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_sha.c</locationURI>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c</locationURI>
 		</link>
 		<link>
-			<name>wolfCrypt/port/renesas_sce_util.c</name>
+			<name>wolfCrypt/port/renesas_fspsm_util.c</name>
 			<type>1</type>
-			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_util.c</locationURI>
+			<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c</locationURI>
 		</link>
 	</linkedResources>
 </projectDescription>

src/internal.c

@@ -259,7 +259,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
 #endif /* !WOLFSSL_NO_TLS12 */
 
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
 #include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
 #endif
 
@@ -1926,7 +1926,7 @@ int wolfSSL_session_import_internal(WOLFSSL* ssl, const unsigned char* buf,
     /* set hmac function to use when verifying */
     if (ret == 0 && (ssl->options.tls == 1 || ssl->options.tls1_1 == 1 ||
                      ssl->options.dtls == 1)) {
-    #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+    #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
         !defined(WOLFSSL_RENESAS_TSIP_TLS)
         ssl->hmac = TLS_hmac;
     #else
@@ -4850,7 +4850,7 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
         void* ctx = wolfSSL_GetRsaVerifyCtx(ssl);
         ret = ssl->ctx->RsaVerifyCb(ssl, in, inSz, out, keyBuf, keySz, ctx);
     }
-    #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+    #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
         !defined(WOLFSSL_RENESAS_TSIP_TLS)
     else
     #else
@@ -5109,7 +5109,7 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
         void* ctx = wolfSSL_GetRsaEncCtx(ssl);
         ret = ssl->ctx->RsaEncCb(ssl, in, inSz, out, outSz, keyBuf, keySz, ctx);
     }
-    #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+    #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
         !defined(WOLFSSL_RENESAS_TSIP_TLS)
     else
     #else
@@ -5237,7 +5237,7 @@ int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out,
         ret = ssl->ctx->EccVerifyCb(ssl, in, inSz, out, outSz, keyBuf, keySz,
             &ssl->eccVerifyRes, ctx);
     }
-    #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+    #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
         !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
         !defined(WOLFSSL_MAXQ108X)
     else
@@ -7216,7 +7216,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
     #ifndef NO_OLD_TLS
         ssl->hmac = SSL_hmac; /* default to SSLv3 */
     #elif !defined(WOLFSSL_NO_TLS12) && !defined(NO_TLS)
-      #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+      #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
           !defined(WOLFSSL_RENESAS_TSIP_TLS)
         ssl->hmac = TLS_hmac;
       #else
@@ -7974,7 +7974,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
     FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey);
     ssl->peerRsaKeyPresent = 0;
 #endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     XFREE(ssl->peerSceTsipEncRsaKeyIndex, ssl->heap, DYNAMIC_TYPE_RSA);
     Renesas_cmn_Cleanup(ssl);
 #endif
@@ -12698,7 +12698,7 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx)
 
     /* only setup the verify callback if a PK is set */
 #ifdef HAVE_ECC
-    #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+    #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
     sigCtx->pkCbEcc = Renesas_cmn_SigPkCbEccVerify;
     sigCtx->pkCtxEcc = (void*)&sigCtx->CertAtt;
     (void)SigPkCbEccVerify;
@@ -12712,7 +12712,7 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx)
 #endif
 #ifndef NO_RSA
     /* only setup the verify callback if a PK is set */
-    #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+    #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
     sigCtx->pkCbRsa = Renesas_cmn_SigPkCbRsaVerify;
     sigCtx->pkCtxRsa = (void*)&sigCtx->CertAtt;
     (void)SigPkCbRsaVerify;
@@ -14673,7 +14673,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
                         else {
                             ssl->peerRsaKeyPresent = 1;
                     #if defined(WOLFSSL_RENESAS_TSIP_TLS) || \
-                                             defined(WOLFSSL_RENESAS_SCEPROTECT)
+                                             defined(WOLFSSL_RENESAS_FSPSM_TLS)
                         /* copy encrypted tsip key index into ssl object */
                         if (args->dCert->sce_tsip_encRsaKeyIdx) {
                             if (!ssl->peerSceTsipEncRsaKeyIndex) {
@@ -14738,7 +14738,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
                     {
                         int keyRet = 0;
                         word32 idx = 0;
-                    #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
+                    #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
                         defined(WOLFSSL_RENESAS_TSIP_TLS)
                         /* copy encrypted tsip/sce key index into ssl object */
                         if (args->dCert->sce_tsip_encRsaKeyIdx) {
@@ -29780,8 +29780,8 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
                     #endif
                         case rsa_sa_algo:
                         {
-                            #if (defined(WOLFSSL_RENESAS_SCEPROTECT) && \
-                                defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)) || \
+                            #if (defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+                                defined(WOLFSSL_RENESAS_FSPSM_ECC)) || \
                                 defined(WOLFSSL_RENESAS_TSIP_TLS)
                             /* already checked signature result by SCE */
                             /* skip the sign checks below              */

src/keys.c

@@ -38,7 +38,7 @@
     #endif
 #endif
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
 #include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
 #endif
 
@@ -54,7 +54,7 @@ int SetCipherSpecs(WOLFSSL* ssl)
     #ifndef NO_TLS
             ssl->options.tls = 1;
         #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY)
-            #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+            #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
                 !defined(WOLFSSL_RENESAS_TSIP_TLS)
             ssl->hmac = TLS_hmac;
             #else
@@ -77,7 +77,7 @@ int SetCipherSpecs(WOLFSSL* ssl)
     #if defined(WOLFSSL_DTLS)
         if (ssl->options.dtls && ssl->version.major == DTLS_MAJOR) {
         #ifndef WOLFSSL_AEAD_ONLY
-            #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+            #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
                 !defined(WOLFSSL_RENESAS_TSIP_TLS)
             ssl->hmac = TLS_hmac;
             #else

src/ssl.c

@@ -1057,7 +1057,7 @@ int GetEchConfigsEx(WOLFSSL_EchConfig* configs, byte* output, word32* outputLen)
 #endif /* WOLFSSL_TLS13 && HAVE_ECH */
 
 
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
 #include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
 #endif
 
@@ -5933,7 +5933,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
             ret = BAD_MUTEX_E;
         }
     }
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     /* Verify CA by TSIP so that generated tsip key is going to be able to */
     /* be used for peer's cert verification                                */
     /* TSIP is only able to handle USER CA, and only one CA.               */

wolfcrypt/src/asn.c

@@ -176,7 +176,7 @@ ASN Options:
     #include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
 #endif
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
     #include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
 #endif
 
@@ -9225,7 +9225,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
 #ifndef NO_RSA
 
 #ifndef HAVE_USER_RSA
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
 /* This function is to retrieve key position information in a cert.*
  * The information will be used to call TSIP TLS-linked API for    *
  * certificate verification.                                       */
@@ -11285,7 +11285,7 @@ void FreeDecodedCert(DecodedCert* cert)
     if (cert->subjectName != NULL)
         wolfSSL_X509_NAME_free((WOLFSSL_X509_NAME*)cert->subjectName);
 #endif /* WOLFSSL_X509_NAME_AVAILABLE */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     if (cert->sce_tsip_encRsaKeyIdx != NULL)
         XFREE(cert->sce_tsip_encRsaKeyIdx, cert->heap, DYNAMIC_TYPE_RSA);
 #endif
@@ -11940,7 +11940,7 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
     if (GetSequence(source, srcIdx, &length, pubIdx + (word32)pubLen) < 0)
         return ASN_PARSE_E;
 
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     cert->sigCtx.CertAtt.pubkey_n_start =
             cert->sigCtx.CertAtt.pubkey_e_start = pubIdx;
 #endif
@@ -11976,7 +11976,7 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
     cert->publicKeyIndex = dataASN[RSACERTKEYASN_IDX_SEQ].offset;
 #endif
 
-    #if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+    #if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
         /* Start of SEQUENCE. */
         cert->sigCtx.CertAtt.pubkey_n_start =
             cert->sigCtx.CertAtt.pubkey_e_start = dataASN[RSACERTKEYASN_IDX_SEQ].offset;
@@ -12062,7 +12062,7 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
         if ((ret = CheckCurve(cert->pkCurveOID)) < 0)
             return ECC_CURVE_OID_E;
 
-    #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+    #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
         cert->sigCtx.CertAtt.curve_id = ret;
     #else
         (void)ret;
@@ -12071,7 +12071,7 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
         ret = CheckBitString(source, srcIdx, &length, maxIdx, 1, NULL);
         if (ret != 0)
             return ret;
-    #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+    #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
         cert->sigCtx.CertAtt.pubkey_n_start =
                 cert->sigCtx.CertAtt.pubkey_e_start = (*srcIdx + 1);
         cert->sigCtx.CertAtt.pubkey_n_len = ((length - 1) >> 1);
@@ -16013,7 +16013,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
     byte* rsaKeyIdx)
 {
     int ret = 0;
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     CertAttribute* certatt = NULL;
 #endif
 
@@ -16031,7 +16031,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
 
     WOLFSSL_ENTER("ConfirmSignature");
 
-#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && !defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && !defined(WOLFSSL_RENESAS_FSPSM_TLS)
     (void)rsaKeyIdx;
 #else
     #if !defined(NO_RSA) || defined(HAVE_ECC)
@@ -16696,12 +16696,12 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
                                 key, keySz,
                                 sigCtx->pkCtxRsa);
                     }
-                #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+                #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
                     !defined(WOLFSSL_RENESAS_TSIP_TLS)
                     else
                 #else
                     if (!sigCtx->pkCbRsa || ret == CRYPTOCB_UNAVAILABLE)
-                #endif /* WOLFSSL_RENESAS_SCEPROTECT */
+                #endif /* WOLFSSL_RENESAS_FSPSM_TLS */
                 #endif /* HAVE_PK_CALLBACKS */
                     {
                         ret = wc_RsaSSL_VerifyInline(sigCtx->sigCpy, sigSz,
@@ -16770,12 +16770,12 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
                                 key, keySz, &sigCtx->verify,
                                 sigCtx->pkCtxEcc);
                     }
-                #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+                #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
                     !defined(WOLFSSL_RENESAS_TSIP_TLS)
                     else
                 #else
                     if (!sigCtx->pkCbEcc || ret == CRYPTOCB_UNAVAILABLE)
-                #endif /* WOLFSSL_RENESAS_SCEPROTECT */
+                #endif /* WOLFSSL_RENESAS_FSPSM_TLS */
                 #endif /* HAVE_PK_CALLBACKS */
                     {
                         ret = wc_ecc_verify_hash(sig, sigSz, sigCtx->digest,
@@ -16896,7 +16896,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
                 {
                     int encodedSigSz, verifySz;
                 #if defined(WOLFSSL_RENESAS_TSIP_TLS) || \
-                                            defined(WOLFSSL_RENESAS_SCEPROTECT)
+                                            defined(WOLFSSL_RENESAS_FSPSM_TLS)
                     if (sigCtx->CertAtt.verifyByTSIP_SCE == 1) break;
                 #endif
                 #ifdef WOLFSSL_SMALL_STACK
@@ -22507,7 +22507,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
     int    len = 0;
 #endif
 #endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     int    idx = 0;
 #endif
     byte*  sce_tsip_encRsaKeyIdx;
@@ -22906,7 +22906,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
         }
         #endif /* HAVE_OCSP */
     }
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     /* prepare for TSIP TLS cert verification API use */
     if (cert->keyOID == RSAk) {
         /* to call TSIP API, it needs keys position info in bytes */

wolfcrypt/src/include.am

@@ -124,10 +124,10 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
               wolfcrypt/src/port/Renesas/renesas_tsip_sha.c \
               wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c \
               wolfcrypt/src/port/Renesas/renesas_tsip_util.c \
-              wolfcrypt/src/port/Renesas/renesas_sce_util.c \
-              wolfcrypt/src/port/Renesas/renesas_sce_aes.c \
-              wolfcrypt/src/port/Renesas/renesas_sce_sha.c \
-              wolfcrypt/src/port/Renesas/renesas_sce_rsa.c \
+              wolfcrypt/src/port/Renesas/renesas_fspsm_util.c \
+              wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c \
+              wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c \
+              wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c \
               wolfcrypt/src/port/Renesas/renesas_common.c \
               wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c \
               wolfcrypt/src/port/Renesas/renesas_rx64_hw_util.c \

wolfcrypt/src/port/Renesas/renesas_common.c

@@ -21,16 +21,16 @@
 
 #include <wolfssl/wolfcrypt/settings.h>
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) \
-    || defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) \
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) \
+    || defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) \
     || defined(WOLFSSL_RENESAS_TSIP_TLS) \
     || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-    defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-  #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
-  #define cmn_hw_lock    wc_sce_hw_lock
-  #define cmn_hw_unlock  wc_sce_hw_unlock
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+    defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+  #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+  #define cmn_hw_lock    wc_fspsm_hw_lock
+  #define cmn_hw_unlock  wc_fspsm_hw_unlock
 #elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
     defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
   #include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
@@ -45,6 +45,7 @@
 #include <wolfssl/error-ssl.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/port/renesas/renesas_cmn.h>
 
 uint32_t   g_CAscm_Idx = (uint32_t)-1; /* index of CM table    */
 static int gdevId = 7890;           /* initial dev Id for Crypt Callback */
@@ -53,12 +54,13 @@ static int gdevId = 7890;           /* initial dev Id for Crypt Callback */
 
 #include <wolfssl/wolfcrypt/cryptocb.h>
 
-#if defined(WOLFSSL_RENESAS_TSIP_TLS)
+
 WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl)
 {
     int ret = 0;
     WOLFSSL_ENTER("Renesas_cmn_Cleanup");
-
+    (void) ssl;
+    
 #if defined(WOLFSSL_RENESAS_TSIP_TLS)
     ret = tsip_TlsCleanup(ssl);
 #endif
@@ -66,6 +68,8 @@ WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl)
     WOLFSSL_LEAVE("Renesas_cmn_Cleanup", ret);
     return ret;
 }
+
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
 WOLFSSL_LOCAL int Renesas_cmn_RsaSignCb(WOLFSSL* ssl,
                                 const unsigned char* in, unsigned int inSz,
                                 unsigned char* out, word32* outSz,
@@ -137,9 +141,9 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
 #if defined(WOLFSSL_RENESAS_TSIP_TLS) \
     || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
     TsipUserCtx*      cbInfo = (TsipUserCtx*)ctx;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-        defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-    User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+        defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+    FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
 #endif
 
     if (info == NULL || ctx == NULL)
@@ -251,8 +255,8 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
         }
         #endif /* HAVE_ECC */
     }
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
-        defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
+        defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
 
     if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
 
@@ -270,9 +274,9 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                 if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
                   info->cipher.aesgcm_enc.aes->keylen == 32) {
 
-                    XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
-                        &cbInfo->sce_wrapped_key_aes256,
-                        sizeof(sce_aes_wrapped_key_t));
+                    XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.wrapped_key,
+                        &cbInfo->wrapped_key_aes256,
+                        sizeof(FSPSM_AES_WKEY));
                     info->cipher.aesgcm_enc.aes->ctx.keySize = 32;
 
                 }
@@ -280,13 +284,13 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                     cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
                     info->cipher.aesgcm_enc.aes->keylen == 16) {
 
-                    XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
-                            &cbInfo->sce_wrapped_key_aes128,
-                            sizeof(sce_aes_wrapped_key_t));
+                    XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.wrapped_key,
+                            &cbInfo->wrapped_key_aes128,
+                            sizeof(FSPSM_AES_WKEY));
                     info->cipher.aesgcm_enc.aes->ctx.keySize = 16;
                 }
 
-                ret = wc_sce_AesGcmEncrypt(
+                ret = wc_fspsm_AesGcmEncrypt(
                         info->cipher.aesgcm_enc.aes,
                         (byte*)info->cipher.aesgcm_enc.out,
                         (byte*)info->cipher.aesgcm_enc.in,
@@ -309,9 +313,9 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                 if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
                   info->cipher.aesgcm_dec.aes->keylen == 32) {
 
-                    XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
-                            &cbInfo->sce_wrapped_key_aes256,
-                            sizeof(sce_aes_wrapped_key_t));
+                    XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.wrapped_key,
+                            &cbInfo->wrapped_key_aes256,
+                            sizeof(FSPSM_AES_WKEY));
                     info->cipher.aesgcm_dec.aes->ctx.keySize = 32;
 
                 }
@@ -319,13 +323,13 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                     cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
                     info->cipher.aesgcm_dec.aes->keylen == 16) {
 
-                    XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
-                            &cbInfo->sce_wrapped_key_aes128,
-                            sizeof(sce_aes_wrapped_key_t));
+                    XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.wrapped_key,
+                            &cbInfo->wrapped_key_aes128,
+                            sizeof(FSPSM_AES_WKEY));
                     info->cipher.aesgcm_dec.aes->ctx.keySize = 16;
                 }
 
-                ret = wc_sce_AesGcmDecrypt(
+                ret = wc_fspsm_AesGcmDecrypt(
                         info->cipher.aesgcm_dec.aes,
                         (byte*)info->cipher.aesgcm_dec.out,
                         (byte*)info->cipher.aesgcm_dec.in,
@@ -352,22 +356,22 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                     if (
                     cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
                     info->cipher.aescbc.aes->keylen == 32) {
-                        XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
-                                &cbInfo->sce_wrapped_key_aes256,
-                                sizeof(sce_aes_wrapped_key_t));
+                        XMEMCPY(&info->cipher.aescbc.aes->ctx.wrapped_key,
+                                &cbInfo->wrapped_key_aes256,
+                                sizeof(FSPSM_AES_WKEY));
                         info->cipher.aescbc.aes->ctx.keySize = 32;
 
                     }
                     else if (
                         cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
                         && info->cipher.aescbc.aes->keylen == 16) {
-                        XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
-                                &cbInfo->sce_wrapped_key_aes128,
-                                sizeof(sce_aes_wrapped_key_t));
+                        XMEMCPY(&info->cipher.aescbc.aes->ctx.wrapped_key,
+                                &cbInfo->wrapped_key_aes128,
+                                sizeof(FSPSM_AES_WKEY));
                         info->cipher.aescbc.aes->ctx.keySize = 16;
                     }
 
-                    ret = wc_sce_AesCbcEncrypt(
+                    ret = wc_fspsm_AesCbcEncrypt(
                         info->cipher.aescbc.aes,
                         (byte*)info->cipher.aescbc.out,
                         (byte*)info->cipher.aescbc.in,
@@ -377,20 +381,20 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                     if (
                     cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
                     info->cipher.aescbc.aes->keylen == 32) {
-                        XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
-                                &cbInfo->sce_wrapped_key_aes256,
-                                sizeof(sce_aes_wrapped_key_t));
+                        XMEMCPY(&info->cipher.aescbc.aes->ctx.wrapped_key,
+                                &cbInfo->wrapped_key_aes256,
+                                sizeof(FSPSM_AES_WKEY));
                         info->cipher.aescbc.aes->ctx.keySize = 32;
                     }  else if (
                         cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
                         && info->cipher.aescbc.aes->keylen == 16) {
-                        XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
-                                &cbInfo->sce_wrapped_key_aes128,
-                                sizeof(sce_aes_wrapped_key_t));
+                        XMEMCPY(&info->cipher.aescbc.aes->ctx.wrapped_key,
+                                &cbInfo->wrapped_key_aes128,
+                                sizeof(FSPSM_AES_WKEY));
                         info->cipher.aescbc.aes->ctx.keySize = 16;
                     }
 
-                    ret = wc_sce_AesCbcDecrypt(
+                    ret = wc_fspsm_AesCbcDecrypt(
                         info->cipher.aescbc.aes,
                         (byte*)info->cipher.aescbc.out,
                         (byte*)info->cipher.aescbc.in,
@@ -400,7 +404,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
     #endif /* HAVE_AES_CBC */
     #endif /* !NO_AES || !NO_DES3 */
     }
-    #if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+    #if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
     else if (info->algo_type == WC_ALGO_TYPE_PK) {
 
        #if !defined(NO_RSA)
@@ -408,7 +412,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
         if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN &&
             (info->pk.rsakg.size == 1024 ||
              info->pk.rsakg.size == 2048)) {
-            ret = wc_sce_MakeRsaKey(info->pk.rsakg.size, (void*)ctx);
+            ret = wc_fspsm_MakeRsaKey(info->pk.rsakg.size, (void*)ctx);
         }
        #endif
         if (info->pk.type == WC_PK_TYPE_RSA) {
@@ -428,7 +432,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                 if (info->pk.rsa.type == RSA_PRIVATE_DECRYPT ||
                     info->pk.rsa.type == RSA_PUBLIC_ENCRYPT  )
                     {
-                        ret = wc_sce_RsaFunction(info->pk.rsa.in,
+                        ret = wc_fspsm_RsaFunction(info->pk.rsa.in,
                                         info->pk.rsa.inLen,
                                         info->pk.rsa.out,
                                         info->pk.rsa.outLen,
@@ -438,7 +442,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                                         (void*)ctx);
                 }
                 else if (info->pk.rsa.type == RSA_PRIVATE_ENCRYPT /* sign */){
-                   ret = wc_sce_RsaSign(info->pk.rsa.in,
+                   ret = wc_fspsm_RsaSign(info->pk.rsa.in,
                                         info->pk.rsa.inLen,
                                         info->pk.rsa.out,
                                         info->pk.rsa.outLen,
@@ -446,7 +450,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                                         (void*)ctx);
                 }
                 else if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT /* verify */) {
-                    ret = wc_sce_RsaVerify(info->pk.rsa.in,
+                    ret = wc_fspsm_RsaVerify(info->pk.rsa.in,
                                         info->pk.rsa.inLen,
                                         info->pk.rsa.out,
                                         info->pk.rsa.outLen,
@@ -462,7 +466,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
                     "RSA operation falls through to SW operation.");
             }
         }
-       #endif /* NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+       #endif /* NO_RSA && WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
     }
     #endif /* NO_RSA */
 #endif /* TSIP or SCE */
@@ -486,9 +490,9 @@ int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated)
 
     #if defined(WOLFSSL_RENESAS_TSIP_TLS)
         ret = tsip_usable(ssl, session_key_generated);
-    #elif defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
-            defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-        ret = wc_sce_usable(ssl, session_key_generated);
+    #elif defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
+            defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+        ret = wc_fspsm_usable(ssl, session_key_generated);
     #endif
 
     return ret;
@@ -511,13 +515,13 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
  #if defined(WOLFSSL_RENESAS_TSIP_TLS) \
     || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
     TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-       defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-    User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+       defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+    FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
  #endif
 
     if (cbInfo == NULL
-   #if (!defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) &&\
+   #if (!defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) &&\
         !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
        !defined(HAVE_RENESAS_SYNC)
         || ssl == NULL) {
@@ -544,7 +548,7 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
         return INVALID_DEVID;
     }
 
-   #if !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) && \
+   #if !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
        !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) && \
        !defined(HAVE_RENESAS_SYNC)
     if (ssl)
@@ -571,10 +575,10 @@ void wc_CryptoCb_CleanupRenesasCmn(int* id)
 }
 
 #endif /* WOLF_CRYPTO_CB */
-#endif /* WOLFSSL_RENESAS_SCEPROTECT || WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS|| WOLFSSL_RENESAS_FSPSM_CRYPTONLY
           WOLFSSL_RENESAS_TSIP_TLS || WOLFSSL_RENESAS_TSIP_CRYPTONLY */
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
 
 /* Renesas Security Library Common Method
  * Check CA index if CA can be used for SCE/TSIP because
@@ -592,9 +596,9 @@ WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx)
 /* check if the root CA has been verified by TSIP/SCE,
  * and it exists in the CM table.
  */
-static byte sce_tsip_rootCAverified(void)
+static byte fspsm_tsip_rootCAverified(void)
 {
-    WOLFSSL_ENTER("sce_tsip_rootCAverified");
+    WOLFSSL_ENTER("fspsm_tsip_rootCAverified");
     return (g_CAscm_Idx != (uint32_t)-1 ? 1:0);
 }
 /* Renesas Security Library Common Callback
@@ -630,16 +634,16 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaVerify(WOLFSSL* ssl, unsigned char* sig,
         wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
     }
 
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
-    ret = wc_SCE_RsaVerify(ssl, sig, sigSz, out,key, keySz, ctx);
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+    ret = wc_fspsm_RsaVerifyTLS(ssl, sig, sigSz, out,key, keySz, ctx);
 
     if (ret == 0) {
         /* Set Callback for SharedSecret when successful */
-        wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, SCE_EccSharedSecret);
+        wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, fspsm_EccSharedSecret);
         wolfSSL_SetEccSharedSecretCtx(ssl, ctx);
     }
     else {
-        WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
+        WOLFSSL_MSG("failed R_XXX_TLS_ServerKeyExchangeVerify");
         wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, NULL);
         wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
     }
@@ -681,16 +685,16 @@ WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
         wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, NULL);
         wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
     }
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
-    ret = wc_SCE_EccVerify(ssl, sig, sigSz, hash, hashSz, key, keySz,
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+    ret = wc_fspsm_EccVerifyTLS(ssl, sig, sigSz, hash, hashSz, key, keySz,
                                                         result, ctx);
     if (ret == 0 && *result == 1) {
         /* Set callback for SharedSecret when being successful */
-        wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, SCE_EccSharedSecret);
+        wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, fspsm_EccSharedSecret);
         wolfSSL_SetEccSharedSecretCtx(ssl, ctx);
     }
     else {
-        WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
+        WOLFSSL_MSG("failed R_XXXX_TLS_ServerKeyExchangeVerify");
         wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, NULL);
         wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
     }
@@ -718,7 +722,7 @@ int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
 
     WOLFSSL_ENTER("wc_Renesas_cmn_RootCertVerify");
 
-    if (sce_tsip_rootCAverified() == 0) {
+    if (fspsm_tsip_rootCAverified() == 0) {
 
     #if defined(WOLFSSL_RENESAS_TSIP_TLS)
         ret = wc_tsip_tls_RootCertVerify(cert, cert_len, key_n_start,
@@ -726,9 +730,9 @@ int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
         if (ret != TSIP_SUCCESS) {
             ret = WOLFSSL_FATAL_ERROR;
         }
-    #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+    #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
 
-        ret = wc_sce_tls_RootCertVerify(cert, cert_len, key_n_start,
+        ret = wc_fspsm_tls_RootCertVerify(cert, cert_len, key_n_start,
                 key_n_len, key_e_start, key_e_len, cm_row);
         if (ret != FSP_SUCCESS) {
             ret = WOLFSSL_FATAL_ERROR;
@@ -768,8 +772,8 @@ WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
  #if defined(WOLFSSL_RENESAS_TSIP_TLS)
         ret = wc_tsip_generateVerifyData(ssl->arrays->tsip_masterSecret,
                             side, handshake_hash, hashes);
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
-         ret = wc_sce_generateVerifyData(ssl->arrays->sce_masterSecret,
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+         ret = wc_fspsm_generateVerifyData(ssl->arrays->fspsm_masterSecret,
                    side, handshake_hash, hashes);
  #endif
     }
@@ -802,8 +806,8 @@ static int Renesas_cmn_EncryptKeys(WOLFSSL* ssl, void* ctx)
     TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
 
     if (cbInfo->session_key_set == 1) {
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
-    User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+    FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
 
 
     if (cbInfo->keyflgs_tls.bits.session_key_set == 1) {
@@ -836,8 +840,8 @@ WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx)
     int ret = -1;
 #if defined(WOLFSSL_RENESAS_TSIP_TLS)
     TsipUserCtx*      cbInfo = (TsipUserCtx*)ctx;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
-    User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+    FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
 #endif
     (void)ctx;
 
@@ -845,8 +849,8 @@ WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx)
     if (Renesas_cmn_usable(ssl, 0)) {
 #if defined(WOLFSSL_RENESAS_TSIP_TLS)
         ret = wc_tsip_generateSessionKey(ssl, (TsipUserCtx*)ctx, cbInfo->devId);
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
-        ret = wc_sce_generateSessionKey(ssl, ctx, cbInfo->devId);
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+        ret = wc_fspsm_generateSessionKey(ssl, ctx, cbInfo->devId);
 #endif
     }
     else {
@@ -896,9 +900,9 @@ WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl,
     else
         ret = PROTOCOLCB_UNAVAILABLE;
 
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
     if (Renesas_cmn_usable(ssl, 0)) {
-        ret = wc_sce_generatePremasterSecret(premaster, preSz);
+        ret = wc_fspsm_generatePremasterSecret(premaster, preSz);
         ssl->arrays->preMasterSz = preSz;
     }
     else
@@ -962,17 +966,17 @@ WOLFSSL_LOCAL int Renesas_cmn_genMasterSecret(struct WOLFSSL* ssl, void* ctx)
     else
         ret = PROTOCOLCB_UNAVAILABLE;
 
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
     if (Renesas_cmn_usable(ssl, 0)) {
-        ret = wc_sce_generateMasterSecret(
+        ret = wc_fspsm_generateMasterSecret(
                             ssl->options.cipherSuite0,
                             ssl->options.cipherSuite,
                             ssl->arrays->preMasterSecret,
                             ssl->arrays->clientRandom,
                             ssl->arrays->serverRandom,
-                            ssl->arrays->sce_masterSecret);
+                            ssl->arrays->fspsm_masterSecret);
         if (ret == 0) {
-            wc_sce_storeKeyCtx(ssl, ctx);
+            wc_fspsm_storeKeyCtx(ssl, ctx);
             /* set Session Key generation Callback for use */
             wolfSSL_CTX_SetGenSessionKeyCb(ssl->ctx,
                                                 Renesas_cmn_generateSessionKey);
@@ -1045,9 +1049,10 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in,
         ret = CRYPTOCB_UNAVAILABLE;
     }
 
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
-    if (wc_sce_usable(ssl, 0) && EncSz == 256) {
-        ret = wc_sce_generateEncryptPreMasterSecret(ssl, out, outSz);
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+    if (wc_fspsm_usable(ssl, 0) && EncSz == 256) {
+        ret = wc_fspsm_generateEncryptPreMasterSecret(ssl, out,
+                                                            (uint32_t*)outSz);
     }
     else {
         if (EncSz != 256)
@@ -1087,9 +1092,10 @@ WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message,
     }
     else
         ret = PROTOCOLCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
-    if (wc_sce_usable(ssl, 1)) {
-        ret = wc_sce_Sha256VerifyHmac(ssl, message, messageSz, macSz, content);
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+    if (wc_fspsm_usable(ssl, 1)) {
+        ret = wc_fspsm_Sha256VerifyHmac(ssl, message,
+                                                messageSz, macSz, content);
     }
     else
         ret = PROTOCOLCB_UNAVAILABLE;
@@ -1143,11 +1149,11 @@ WOLFSSL_LOCAL int Renesas_cmn_TLS_hmac(WOLFSSL* ssl, byte* digest,
 
     }
 
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
     if (Renesas_cmn_usable(ssl, 1)) {
         if (ssl->specs.hash_size == WC_SHA256_DIGEST_SIZE) {
             wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify);
-            ret = wc_sce_Sha256GenerateHmac(ssl, myInner,
+            ret = wc_fspsm_Sha256GenerateHmac(ssl, myInner,
                                     WOLFSSL_TLS_HMAC_INNER_SZ, in, sz, digest);
         }
         else
@@ -1218,9 +1224,10 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbRsaVerify(unsigned char* sig,
     else
         ret = CRYPTOCB_UNAVAILABLE;
 
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
     if (CertAtt->keyIndex != NULL) {
-        ret = wc_sce_tls_CertVerify(CertAtt->cert, CertAtt->certSz, sig, sigSz,
+        ret = wc_fspsm_tls_CertVerify(CertAtt->cert, CertAtt->certSz,
+                                 sig, sigSz,
                                  CertAtt->pubkey_n_start - CertAtt->certBegin,
                                  CertAtt->pubkey_n_len - 1,
                                  CertAtt->pubkey_e_start - CertAtt->certBegin,
@@ -1302,9 +1309,10 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig,
     }
     else
         ret = CRYPTOCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
     if (CertAtt->keyIndex != NULL) {
-        ret = wc_sce_tls_CertVerify(CertAtt->cert, CertAtt->certSz, sig, sigSz,
+        ret = wc_fspsm_tls_CertVerify(CertAtt->cert, CertAtt->certSz,
+                                 sig, sigSz,
                                  CertAtt->pubkey_n_start - CertAtt->certBegin,
                                  CertAtt->pubkey_n_len - 1,
                                  CertAtt->pubkey_e_start - CertAtt->certBegin,

wolfcrypt/src/port/Renesas/renesas_sce_aes.c → wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c

@@ -1,4 +1,4 @@
-/* renesas_sce_aes.c
+/* renesas_fspsm_aes.c
  *
  * Copyright (C) 2006-2023 wolfSSL Inc.
  *
@@ -26,15 +26,15 @@
 
 #ifndef NO_AES
 
-#if (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-     defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
-    !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_AES)
+#if (defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+     defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)) && \
+    !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)
 
 #include <wolfssl/wolfcrypt/wc_port.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/internal.h>
 #include <wolfssl/wolfcrypt/aes.h>
-#include "wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h"
+#include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
 
 #ifdef NO_INLINE
     #include <wolfssl/wolfcrypt/misc.h>
@@ -48,20 +48,20 @@ struct Aes;
 #define SCE_AES_GCM_AUTH_TAG_SIZE  16
 
 typedef fsp_err_t (*aesGcmEncInitFn)
-        (sce_gcm_handle_t*, sce_aes_wrapped_key_t*, uint8_t*, uint32_t);
+        (FSPSM_AESGCM_HANDLE*, FSPSM_AES_WKEY*, uint8_t*, uint32_t);
 typedef fsp_err_t (*aesGcmEncUpdateFn)
-        (sce_gcm_handle_t*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
+        (FSPSM_AESGCM_HANDLE*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
 typedef fsp_err_t (*aesGcmEncFinalFn)
-        (sce_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*);
+        (FSPSM_AESGCM_HANDLE*, uint8_t*, uint32_t*, uint8_t*);
 
 typedef fsp_err_t (*aesGcmDecInitFn)
-        (sce_gcm_handle_t*, sce_aes_wrapped_key_t*, uint8_t*, uint32_t);
+        (FSPSM_AESGCM_HANDLE*, FSPSM_AES_WKEY*, uint8_t*, uint32_t);
 typedef fsp_err_t (*aesGcmDecUpdateFn)
-        (sce_gcm_handle_t*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
+        (FSPSM_AESGCM_HANDLE*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
 typedef fsp_err_t (*aesGcmDecFinalFn)
-        (sce_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*, uint32_t);
+        (FSPSM_AESGCM_HANDLE*, uint8_t*, uint32_t*, uint8_t*, uint32_t);
 
-/* Perform Aes Gcm encryption by SCE
+/* Perform Aes Gcm encryption by FSP SM
  *
  * aes    The AES object.
  * out    Buffer to hold cipher text
@@ -74,7 +74,7 @@ typedef fsp_err_t (*aesGcmDecFinalFn)
  * ctx    The callback context
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
-WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
+WOLFSSL_LOCAL int  wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
                               const byte* in, word32 sz,
                               byte* iv, word32 ivSz,
                               byte* authTag, word32 authTagSz,
@@ -82,9 +82,9 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
                               void* ctx)
 {
     int ret;
-    sce_gcm_handle_t    _handle;
+    FSPSM_AESGCM_HANDLE _handle;
     uint32_t            dataLen = sz;
-    User_SCEPKCbInfo    *info = (User_SCEPKCbInfo*)ctx;
+    FSPSM_ST    *info = (FSPSM_ST*)ctx;
 
     aesGcmEncInitFn     initFn;
     aesGcmEncUpdateFn   updateFn;
@@ -97,10 +97,10 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
     const uint8_t* iv_l = NULL;
     uint32_t ivSz_l = 0;
 
-    sce_hmac_sha_wrapped_key_t key_client_mac;
-    sce_hmac_sha_wrapped_key_t key_server_mac;
-    sce_aes_wrapped_key_t      key_client_aes;
-    sce_aes_wrapped_key_t      key_server_aes;
+    FSPSM_HMAC_WKEY key_client_mac;
+    FSPSM_HMAC_WKEY key_server_mac;
+    FSPSM_AES_WKEY      key_client_aes;
+    FSPSM_AES_WKEY      key_server_aes;
 
     /* sanity check */
     if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
@@ -118,19 +118,19 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
     }
 
     if (aes->ctx.keySize == 16) {
-        initFn   = R_SCE_AES128GCM_EncryptInit;
-        updateFn = R_SCE_AES128GCM_EncryptUpdate;
-        finalFn  = R_SCE_AES128GCM_EncryptFinal;
+        initFn   = FSPSM_AES128GCMEnc_Init;
+        updateFn = FSPSM_AES128GCMEnc_Up;
+        finalFn  = FSPSM_AES128GCMEnc_Final;
     }
     else {
-        initFn   = R_SCE_AES256GCM_EncryptInit;
-        updateFn = R_SCE_AES256GCM_EncryptUpdate;
-        finalFn  = R_SCE_AES256GCM_EncryptFinal;
+        initFn   = FSPSM_AES256GCMEnc_Init;
+        updateFn = FSPSM_AES256GCMEnc_Up;
+        finalFn  = FSPSM_AES256GCMEnc_Final;
     }
 
 
-    /* check if AES GCM can be used by SCE */
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    /* check if AES GCM can be used by FSP SM */
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
 
         /* allocate buffers for plaintext, ciphertext and authTag to make sure
          * those buffers 32bit aligned as SCE requests.
@@ -143,7 +143,7 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
                                                         DYNAMIC_TYPE_AES);
 
         if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) {
-            WOLFSSL_MSG("wc_sce_AesGcmEncrypt: buffer allocation failed");
+            WOLFSSL_MSG("wc_fspsm_AesGcmEncrypt: buffer allocation failed");
             ret = -1;
         }
 
@@ -153,17 +153,17 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
             XMEMSET((void*)authTag,   0, authTagSz);
         }
         
-      #if defined(WOLFSSL_RENESAS_SCEPROTECT)
+      #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
        if (ret == 0 &&
            info->keyflgs_tls.bits.session_key_set == 1) {
             /* generate AES-GCM session key. The key stored in
              * Aes.ctx.tsip_keyIdx is not used here.
              */
-            ret = R_SCE_TLS_SessionKeyGenerate(
-                    info->sce_cipher,
-                    (uint32_t*)info->sce_masterSecret,
-                    (uint8_t*) info->sce_clientRandom,
-                    (uint8_t*) info->sce_serverRandom,
+            ret = FSPSM_SESSIONKEY_GEN_FUNC(
+                    info->cipher,
+                    (uint32_t*)info->masterSecret,
+                    (uint8_t*) info->clientRandom,
+                    (uint8_t*) info->serverRandom,
                     &iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
                     &key_client_mac,
                     &key_server_mac,
@@ -171,7 +171,7 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
                     &key_server_aes,
                     NULL, NULL);
             if (ret != FSP_SUCCESS) {
-                WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
+                WOLFSSL_MSG("R_XXX_TLS_SessionKeyGenerate failed");
                 ret = -1;
             }
 
@@ -184,19 +184,19 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
                 info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
                 if (aes->ctx.keySize == 32) {
                     XMEMCPY(&key_client_aes, 
-                        (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
-                        sizeof(sce_aes_wrapped_key_t));
+                        (FSPSM_AES_WKEY*)info->wrapped_key_aes256,
+                        sizeof(FSPSM_AES_WKEY));
                 }
                 else {
                     XMEMCPY(&key_client_aes, 
-                        (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
-                        sizeof(sce_aes_wrapped_key_t));
+                        (FSPSM_AES_WKEY*)info->wrapped_key_aes128,
+                        sizeof(FSPSM_AES_WKEY));
                 }
                 iv_l = iv;
                 ivSz_l = ivSz;
             }
             else {
-                WOLFSSL_MSG("AES key for SCE is not set.");
+                WOLFSSL_MSG("AES key for FSP SM is not set.");
                 ret = -1;
             }
         }
@@ -216,7 +216,7 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
                 ret = updateFn(&_handle, plainBuf, cipherBuf, sz, NULL, 0UL);
             }
             if (ret != FSP_SUCCESS) {
-                WOLFSSL_MSG("R_SCE_AesXXXGcmEncryptUpdate2: failed");
+                WOLFSSL_MSG("R_XXXX_AesXXXGcmEncryptUpdate2: failed");
                 ret = -1;
             }
 
@@ -255,13 +255,13 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
         XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
         XFREE(aTagBuf,   aes->heap, DYNAMIC_TYPE_AES);
 
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
 
     }
 
     return ret;
 }
-/* Perform Aes Gcm decryption by SCE
+/* Perform Aes Gcm decryption by FSP SM
  *
  * aes    The AES object.
  * out    Buffer to hold plaintext
@@ -274,7 +274,7 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
  * ctx    The Callback context
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
-WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
+WOLFSSL_LOCAL int  wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out,
                           const byte* in, word32 sz,
                           const byte* iv, word32 ivSz,
                           const byte* authTag, word32 authTagSz,
@@ -282,9 +282,9 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
                           void* ctx)
 {
     int ret;
-    sce_gcm_handle_t _handle;
+    FSPSM_AESGCM_HANDLE _handle;
     uint32_t            dataLen = sz;
-    User_SCEPKCbInfo    *info = (User_SCEPKCbInfo*)ctx;
+    FSPSM_ST    *info = (FSPSM_ST*)ctx;
 
     aesGcmDecInitFn     initFn;
     aesGcmDecUpdateFn   updateFn;
@@ -297,10 +297,10 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
     const uint8_t* iv_l = NULL;
     uint32_t ivSz_l = 0;
 
-    sce_hmac_sha_wrapped_key_t key_client_mac;
-    sce_hmac_sha_wrapped_key_t key_server_mac;
-    sce_aes_wrapped_key_t      key_client_aes;
-    sce_aes_wrapped_key_t      key_server_aes;
+    FSPSM_HMAC_WKEY key_client_mac;
+    FSPSM_HMAC_WKEY key_server_mac;
+    FSPSM_AES_WKEY      key_client_aes;
+    FSPSM_AES_WKEY      key_server_aes;
 
     /* sanity check */
     if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
@@ -318,18 +318,18 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
     }
 
     if (aes->ctx.keySize == 16) {
-        initFn   = R_SCE_AES128GCM_DecryptInit;
-        updateFn = R_SCE_AES128GCM_DecryptUpdate;
-        finalFn  = R_SCE_AES128GCM_DecryptFinal;
+        initFn   = FSPSM_AES128GCMDec_Init;
+        updateFn = FSPSM_AES128GCMDec_Up;
+        finalFn  = FSPSM_AES128GCMDec_Final;
     }
     else {
-        initFn   = R_SCE_AES256GCM_DecryptInit;
-        updateFn = R_SCE_AES256GCM_DecryptUpdate;
-        finalFn  = R_SCE_AES256GCM_DecryptFinal;
+        initFn   = FSPSM_AES256GCMDec_Init;
+        updateFn = FSPSM_AES256GCMDec_Up;
+        finalFn  = FSPSM_AES256GCMDec_Final;
     }
 
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
        /* allocate buffers for plain-text, cipher-text, authTag and AAD.
          * TSIP requests those buffers 32bit aligned.
          */
@@ -349,17 +349,17 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
             XMEMCPY(cipherBuf, in, sz);
             XMEMCPY(aTagBuf, authTag, authTagSz);
         }
-       #if defined(WOLFSSL_RENESAS_SCEPROTECT)
+       #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
         if (ret == 0 &&
             info->keyflgs_tls.bits.session_key_set == 1) {
             /* generate AES-GCM session key. The key stored in
              * Aes.ctx.tsip_keyIdx is not used here.
              */
-            ret = R_SCE_TLS_SessionKeyGenerate(
-                    info->sce_cipher,
-                    (uint32_t*)info->sce_masterSecret,
-                    (uint8_t*) info->sce_clientRandom,
-                    (uint8_t*) info->sce_serverRandom,
+            ret = FSPSM_SESSIONKEY_GEN_FUNC(
+                    info->cipher,
+                    (uint32_t*)info->masterSecret,
+                    (uint8_t*) info->clientRandom,
+                    (uint8_t*) info->serverRandom,
                     (uint8_t*)&iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
                     &key_client_mac,
                     &key_server_mac,
@@ -367,7 +367,7 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
                     &key_server_aes,
                     NULL, NULL);
             if (ret != FSP_SUCCESS) {
-                WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
+                WOLFSSL_MSG("R_XXXX_TLS_SessionKeyGenerate failed");
                 ret = -1;
             }
         }
@@ -379,19 +379,19 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
                 info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
                 if (aes->ctx.keySize == 32) {
                     XMEMCPY(&key_server_aes, 
-                        (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
-                        sizeof(sce_aes_wrapped_key_t));
+                        (FSPSM_AES_WKEY*)info->wrapped_key_aes256,
+                        sizeof(FSPSM_AES_WKEY));
                 }
                 else {
                     XMEMCPY(&key_server_aes, 
-                        (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
-                        sizeof(sce_aes_wrapped_key_t));
+                        (FSPSM_AES_WKEY*)info->wrapped_key_aes128,
+                        sizeof(FSPSM_AES_WKEY));
                 }
                 iv_l = iv;
                 ivSz_l = ivSz;
             }
             else {
-                WOLFSSL_MSG("AES key for SCE is not set.");
+                WOLFSSL_MSG("AES key for FSP SM is not set.");
                 ret = -1;
             }
         }
@@ -412,7 +412,7 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
                 ret = updateFn(&_handle, cipherBuf, plainBuf, sz, NULL, 0UL);
             }
             if (ret != FSP_SUCCESS) {
-                WOLFSSL_MSG("R_SCE_AesXXXGcmDecryptUpdate: failed in decrypt");
+                WOLFSSL_MSG("R_XXXX_AesXXXGcmDecryptUpdate: failed in decrypt");
                 ret = -1;
             }
 
@@ -435,7 +435,7 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
                     }
                 }
                 else {
-                    WOLFSSL_MSG("R_SCE_AesXXXGcmDecryptFinal: failed");
+                    WOLFSSL_MSG("R_XXXX_AesXXXGcmDecryptFinal: failed");
                     ret = -1;
                 }
             }
@@ -445,12 +445,12 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
         XFREE(plainBuf,  aes->heap, DYNAMIC_TYPE_AES);
         XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
 
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
 
     return ret;
 }
-/* Perform Aes Cbc encryption by SCE
+/* Perform Aes Cbc encryption by FSP SM
  *
  * aes    The AES object.
  * out    Buffer to hold cipher text
@@ -458,11 +458,11 @@ WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
  * sz     Length of cipher text/plaintext in bytes
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
-WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
+WOLFSSL_LOCAL int wc_fspsm_AesCbcEncrypt(struct Aes* aes, byte* out,
                                                 const byte* in, word32 sz)
 {
-    sce_aes_handle_t _handle;
-    word32 ret;
+    FSPSM_AES_HANDLE _handle;
+    int ret;
     word32 blocks = (sz / AES_BLOCK_SIZE);
     uint32_t dataLength;
     byte *iv;
@@ -474,30 +474,30 @@ WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
      * on the device. iv is dummy                                   */
     iv = (uint8_t*)aes->reg;
 
-    if ((ret = wc_sce_hw_lock()) != 0) {
+    if ((ret = wc_fspsm_hw_lock()) != 0) {
         WOLFSSL_MSG("Failed to lock");
         return ret;
     }
 
     if (aes->ctx.keySize == 16) {
-        ret = R_SCE_AES128CBC_EncryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
+        ret = FSPSM_AES128CBCEnc_Init(&_handle, &aes->ctx.wrapped_key, iv);
     }
     else if (aes->ctx.keySize == 32) {
-        ret = R_SCE_AES256CBC_EncryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
+        ret = FSPSM_AES256CBCEnc_Init(&_handle, &aes->ctx.wrapped_key, iv);
     }
     else {
         WOLFSSL_MSG("invalid key Size for SCE. Key size is neither 16 or 32.");
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
         return -1;
     }
 
     while (ret == FSP_SUCCESS && blocks--) {
 
         if (aes->ctx.keySize == 16)
-            ret = R_SCE_AES128CBC_EncryptUpdate(&_handle, (uint8_t*)in,
+            ret = FSPSM_AES128CBCEnc_Up(&_handle, (uint8_t*)in,
                                     (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
         else
-            ret = R_SCE_AES256CBC_EncryptUpdate(&_handle, (uint8_t*)in,
+            ret = FSPSM_AES256CBCEnc_Up(&_handle, (uint8_t*)in,
                                     (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
 
         in  += AES_BLOCK_SIZE;
@@ -506,10 +506,10 @@ WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
 
     if (ret == FSP_SUCCESS) {
         if (aes->ctx.keySize == 16) {
-            ret = R_SCE_AES128CBC_EncryptFinal(&_handle, out, &dataLength);
+            ret = FSPSM_AES128CBCEnc_Final(&_handle, out, &dataLength);
         }
         else {
-            ret = R_SCE_AES256CBC_EncryptFinal(&_handle, out, &dataLength);
+            ret = FSPSM_AES256CBCEnc_Final(&_handle, out, &dataLength);
         }
     }
     else {
@@ -517,7 +517,7 @@ WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
         ret = -1;
     }
 
-    wc_sce_hw_unlock();
+    wc_fspsm_hw_unlock();
     return ret;
 }
 /* Perform Aes Cbc decryption by SCE
@@ -528,10 +528,11 @@ WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
  * sz     Length of cipher text/plaintext in bytes
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
-WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
+WOLFSSL_LOCAL int wc_fspsm_AesCbcDecrypt(struct Aes* aes, byte* out,
+                                                    const byte* in, word32 sz)
 {
-    sce_aes_handle_t _handle;
-    word32 ret;
+    FSPSM_AES_HANDLE _handle;
+    int ret;
     word32 blocks = (sz / AES_BLOCK_SIZE);
     uint32_t dataLength;
     byte *iv;
@@ -541,29 +542,29 @@ WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* i
 
     iv = (uint8_t*)aes->reg;
 
-    if ((ret = wc_sce_hw_lock()) != 0) {
+    if ((ret = wc_fspsm_hw_lock()) != 0) {
         WOLFSSL_MSG("Failed to lock");
         return ret;
     }
 
     if (aes->ctx.keySize == 16) {
-        ret = R_SCE_AES128CBC_DecryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
+        ret = FSPSM_AES128CBCDec_Init(&_handle, &aes->ctx.wrapped_key, iv);
     }
     else if (aes->ctx.keySize == 32) {
-        ret = R_SCE_AES256CBC_DecryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
+        ret = FSPSM_AES256CBCDec_Init(&_handle, &aes->ctx.wrapped_key, iv);
     }
     else {
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
         return -1;
     }
 
     while (ret == FSP_SUCCESS && blocks--) {
 
         if (aes->ctx.keySize == 16)
-            ret = R_SCE_AES128CBC_DecryptUpdate(&_handle, (uint8_t*)in,
+            ret = FSPSM_AES128CBCDec_Up(&_handle, (uint8_t*)in,
                                         (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
         else
-            ret = R_SCE_AES256CBC_DecryptUpdate(&_handle, (uint8_t*)in,
+            ret = FSPSM_AES256CBCDec_Up(&_handle, (uint8_t*)in,
                                         (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
 
         in  += AES_BLOCK_SIZE;
@@ -572,16 +573,16 @@ WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* i
 
     if (ret == FSP_SUCCESS) {
         if (aes->ctx.keySize == 16)
-            ret = R_SCE_AES128CBC_DecryptFinal(&_handle, out, &dataLength);
+            ret = FSPSM_AES128CBCDec_Final(&_handle, out, &dataLength);
         else
-            ret = R_SCE_AES256CBC_DecryptFinal(&_handle, out, &dataLength);
+            ret = FSPSM_AES256CBCDec_Final(&_handle, out, &dataLength);
     }
     else {
         WOLFSSL_MSG("SCE AES CBC decryption failed");
         ret = -1;
     }
 
-    wc_sce_hw_unlock();
+    wc_fspsm_hw_unlock();
     return ret;
 }
 

wolfcrypt/src/port/Renesas/renesas_sce_rsa.c → wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c

@@ -1,4 +1,4 @@
-/* renesas_sce_rsa.c
+/* renesas_fspsm_rsa.c
  *
  * Copyright (C) 2006-2023 wolfSSL Inc.
  *
@@ -18,9 +18,11 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
- 
+
+#include <wolfssl/wolfcrypt/settings.h>
+
 #if !defined(NO_RSA) && \
-    defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+    defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
 
 #include <string.h>
 #include <stdio.h>
@@ -29,11 +31,10 @@
     #include <config.h>
 #endif
 
-#include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/wolfcrypt/logging.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 #include <wolfssl/wolfcrypt/rsa.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
 
 /* Make Rsa key for SCE and set it to callback ctx
  * Assumes to be called by Crypt Callback
@@ -42,123 +43,123 @@
  * ctx    Callback context including pointer to hold generated key
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
-WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
+WOLFSSL_LOCAL int wc_fspsm_MakeRsaKey(int size, void* ctx)
 {
-    fsp_err_t        ret;
-    User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
+    fsp_err_t   ret;
+    FSPSM_ST    *info = (FSPSM_ST*)ctx;
 
-    sce_rsa1024_wrapped_pair_key_t *wrapped_pair1024_key = NULL;
-    sce_rsa2048_wrapped_pair_key_t *wrapped_pair2048_key = NULL;
+    FSPSM_RSA1024_WPA_KEY *wrapped_pair1024_key = NULL;
+    FSPSM_RSA2048_WPA_KEY *wrapped_pair2048_key = NULL;
 
     /* sanity check */
     if (ctx == NULL)
         return BAD_FUNC_ARG;
     
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
         if (size == 1024) {
             wrapped_pair1024_key = 
-            (sce_rsa1024_wrapped_pair_key_t*)XMALLOC(
-                sizeof(sce_rsa1024_wrapped_pair_key_t), NULL, 
+            (FSPSM_RSA1024_WPA_KEY*)XMALLOC(
+                sizeof(FSPSM_RSA1024_WPA_KEY), NULL,
                                                 DYNAMIC_TYPE_RSA_BUFFER);
             if (wrapped_pair1024_key == NULL)
                 return MEMORY_E;
                 
-            ret = R_SCE_RSA1024_WrappedKeyPairGenerate(wrapped_pair1024_key);
+            ret = FSPSM_RSA1024_KEYPA_GEN(wrapped_pair1024_key);
         }
         else if (size == 2048) {
             wrapped_pair2048_key = 
-            (sce_rsa1024_wrapped_pair_key_t*)XMALLOC(
-                sizeof(sce_rsa2048_wrapped_pair_key_t), NULL, 
+            (FSPSM_RSA2048_WPA_KEY*)XMALLOC(
+                sizeof(FSPSM_RSA2048_WPA_KEY), NULL, 
                                                 DYNAMIC_TYPE_RSA_BUFFER);
             if (wrapped_pair2048_key == NULL)
                 return MEMORY_E;
                 
-            ret = R_SCE_RSA2048_WrappedKeyPairGenerate(wrapped_pair2048_key);
+            ret = FSPSM_RSA1024_KEYPA_GEN(wrapped_pair2048_key);
         }
         else
             return CRYPTOCB_UNAVAILABLE;
             
         if (ret == FSP_SUCCESS) {
             if (size == 1024) {
-                if (info->sce_wrapped_key_rsapri1024 != NULL) {
-                    XFREE(info->sce_wrapped_key_rsapri1024, NULL, 
+                if (info->wrapped_key_rsapri1024 != NULL) {
+                    XFREE(info->wrapped_key_rsapri1024, NULL, 
                                                 DYNAMIC_TYPE_RSA_BUFFER);
                 }
-                if (info->sce_wrapped_key_rsapub1024 != NULL) {
-                    XFREE(info->sce_wrapped_key_rsapub1024, NULL, 
+                if (info->wrapped_key_rsapub1024 != NULL) {
+                    XFREE(info->wrapped_key_rsapub1024, NULL, 
                                                 DYNAMIC_TYPE_RSA_BUFFER);
                 }
-                info->sce_wrapped_key_rsapri1024 = 
-                (sce_rsa1024_private_wrapped_key_t*)XMALLOC(
-                    sizeof(sce_rsa1024_private_wrapped_key_t), NULL, 
+                info->wrapped_key_rsapri1024 = 
+                (FSPSM_RSA1024_WPI_KEY*)XMALLOC(
+                    sizeof(FSPSM_RSA1024_WPI_KEY), NULL, 
                                                 DYNAMIC_TYPE_RSA_BUFFER);
                     
-                if (info->sce_wrapped_key_rsapri1024 == NULL) {
+                if (info->wrapped_key_rsapri1024 == NULL) {
                     XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
                     return MEMORY_E;
                 }
                 
-                info->sce_wrapped_key_rsapub1024 =
-                (sce_rsa1024_public_wrapped_key_t*)XMALLOC(
-                    sizeof(sce_rsa1024_public_wrapped_key_t), NULL, 
+                info->wrapped_key_rsapub1024 =
+                (FSPSM_RSA1024_WPB_KEY*)XMALLOC(
+                    sizeof(FSPSM_RSA1024_WPB_KEY), NULL, 
                                                 DYNAMIC_TYPE_RSA_BUFFER);
                     
-                if (info->sce_wrapped_key_rsapub1024 == NULL) {
+                if (info->wrapped_key_rsapub1024 == NULL) {
                     XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-                    XFREE(info->sce_wrapped_key_rsapub1024, 0, 
+                    XFREE(info->wrapped_key_rsapub1024, 0, 
                                                 DYNAMIC_TYPE_RSA_BUFFER);
                     return MEMORY_E;
                 }
                 /* copy generated key pair and free malloced key */
-                XMEMCPY(info->sce_wrapped_key_rsapri1024, 
+                XMEMCPY(info->wrapped_key_rsapri1024, 
                                     &wrapped_pair1024_key->priv_key,
-                                    sizeof(sce_rsa1024_private_wrapped_key_t));
-                XMEMCPY(info->sce_wrapped_key_rsapub1024, 
+                                    sizeof(FSPSM_RSA1024_WPI_KEY));
+                XMEMCPY(info->wrapped_key_rsapub1024, 
                                     &wrapped_pair1024_key->pub_key,
-                                    sizeof(sce_rsa1024_public_wrapped_key_t));
+                                    sizeof(FSPSM_RSA1024_WPB_KEY));
                 XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
                 
                 info->keyflgs_crypt.bits.rsapri1024_installedkey_set = 1;
                 info->keyflgs_crypt.bits.rsapub1024_installedkey_set = 1;
             }
             else if (size == 2048) {
-                if (info->sce_wrapped_key_rsapri2048 != NULL) {
-                    XFREE(info->sce_wrapped_key_rsapri2048, NULL, 
+                if (info->wrapped_key_rsapri2048 != NULL) {
+                    XFREE(info->wrapped_key_rsapri2048, NULL, 
                                     DYNAMIC_TYPE_RSA_BUFFER);
                 }
-                if (info->sce_wrapped_key_rsapub2048 != NULL) {
-                    XFREE(info->sce_wrapped_key_rsapub2048, NULL, 
+                if (info->wrapped_key_rsapub2048 != NULL) {
+                    XFREE(info->wrapped_key_rsapub2048, NULL, 
                                     DYNAMIC_TYPE_RSA_BUFFER);
                 }
-                info->sce_wrapped_key_rsapri2048 = 
-                (sce_rsa2048_private_wrapped_key_t*)XMALLOC(
-                    sizeof(sce_rsa2048_private_wrapped_key_t), NULL, 
+                info->wrapped_key_rsapri2048 = 
+                (FSPSM_RSA2048_WPI_KEY*)XMALLOC(
+                    sizeof(FSPSM_RSA2048_WPI_KEY), NULL, 
                                     DYNAMIC_TYPE_RSA_BUFFER);
                     
-                if (info->sce_wrapped_key_rsapri2048 == NULL) {
+                if (info->wrapped_key_rsapri2048 == NULL) {
                     XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
                     return MEMORY_E;
                 }
                 
-                info->sce_wrapped_key_rsapub2048 =
-                (sce_rsa2048_public_wrapped_key_t*)XMALLOC(
-                    sizeof(sce_rsa2048_public_wrapped_key_t), NULL, 
+                info->wrapped_key_rsapub2048 =
+                (FSPSM_RSA2048_WPB_KEY*)XMALLOC(
+                    sizeof(FSPSM_RSA2048_WPB_KEY), NULL, 
                                     DYNAMIC_TYPE_RSA_BUFFER);
                     
-                if (info->sce_wrapped_key_rsapub2048 == NULL) {
+                if (info->wrapped_key_rsapub2048 == NULL) {
                     XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-                    XFREE(info->sce_wrapped_key_rsapub1024, 0, 
+                    XFREE(info->wrapped_key_rsapub1024, 0, 
                                     DYNAMIC_TYPE_RSA_BUFFER);
                     return MEMORY_E;
                 }
                 /* copy generated key pair and free malloced key */
-                XMEMCPY(info->sce_wrapped_key_rsapri2048, 
+                XMEMCPY(info->wrapped_key_rsapri2048, 
                             &wrapped_pair2048_key->priv_key,
-                            sizeof(sce_rsa2048_private_wrapped_key_t));
-                XMEMCPY(info->sce_wrapped_key_rsapub2048, 
+                            sizeof(FSPSM_RSA2048_WPI_KEY));
+                XMEMCPY(info->wrapped_key_rsapub2048, 
                             &wrapped_pair2048_key->pub_key,
-                            sizeof(sce_rsa2048_public_wrapped_key_t));
+                            sizeof(FSPSM_RSA2048_WPB_KEY));
                 XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
                 
                 info->keyflgs_crypt.bits.rsapri2048_installedkey_set = 1;
@@ -171,7 +172,7 @@ WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
             return CRYPTOCB_UNAVAILABLE;
         }
         
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
 }
 
@@ -187,15 +188,15 @@ WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
  * ctx    Callback context
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
-WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
+WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
                     word32 outLen, int type, struct RsaKey* key, 
                     struct WC_RNG* rng, void* ctx)
 {
     int ret;
     
-    sce_rsa_byte_data_t plain;
-    sce_rsa_byte_data_t cipher;
-    User_SCEPKCbInfo    *info = (User_SCEPKCbInfo*)ctx;
+    FSPSM_RSA_DATA plain;
+    FSPSM_RSA_DATA cipher;
+    FSPSM_ST    *info = (FSPSM_ST*)ctx;
     
     int keySize;
     
@@ -222,7 +223,7 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
         return BAD_FUNC_ARG;
     }
     
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
         if (type == RSA_PUBLIC_ENCRYPT) {
             
             plain.pdata = (byte*)in;
@@ -232,9 +233,9 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
 
             if (keySize == 1024) {
                 if(info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1)
-                    ret = R_SCE_RSAES_PKCS1024_Encrypt(&plain, &cipher,
-                        (sce_rsa1024_public_wrapped_key_t*)
-                            info->sce_wrapped_key_rsapub1024);
+                    ret = FSPSM_RSA1024_PKCSENC_FUNC(&plain, &cipher,
+                        (FSPSM_RSA1024_WPB_KEY*)
+                            info->wrapped_key_rsapub1024);
                 else {
                     WOLFSSL_MSG("wrapped public 1024 bits key is not set.");
                     return BAD_FUNC_ARG;
@@ -242,9 +243,9 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
             }
             else {
                 if(info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1)
-                    ret = R_SCE_RSAES_PKCS2048_Encrypt(&plain, &cipher,
-                            (sce_rsa2048_public_wrapped_key_t*)
-                                info->sce_wrapped_key_rsapub2048);
+                    ret = FSPSM_RSA2048_PKCSENC_FUNC(&plain, &cipher,
+                            (FSPSM_RSA2048_WPB_KEY*)
+                                info->wrapped_key_rsapub2048);
                 else {
                     WOLFSSL_MSG("wrapped public 2048 bits key is not set.");
                     return BAD_FUNC_ARG;
@@ -259,9 +260,9 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
             
             if (keySize == 1024) {
                 if(info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1)
-                    ret = R_SCE_RSAES_PKCS1024_Decrypt(&cipher, &plain,
-                            (sce_rsa1024_private_wrapped_key_t*)
-                                info->sce_wrapped_key_rsapri1024);
+                    ret = FSPSM_RSA1024_PKCSDEC_FUNC(&cipher, &plain,
+                            (FSPSM_RSA1024_WPI_KEY*)
+                                info->wrapped_key_rsapri1024);
                 else {
                     WOLFSSL_MSG("wrapped private 2048 bits key is not set.");
                     return BAD_FUNC_ARG;
@@ -269,9 +270,9 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
             }
             else {
                 if(info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1)
-                    ret = R_SCE_RSAES_PKCS2048_Decrypt(&cipher, &plain,
-                            (sce_rsa2048_private_wrapped_key_t*)
-                                info->sce_wrapped_key_rsapri2048);
+                    ret = FSPSM_RSA2048_PKCSDEC_FUNC(&cipher, &plain,
+                            (FSPSM_RSA2048_WPI_KEY*)
+                                info->wrapped_key_rsapri2048);
                 else {
                     WOLFSSL_MSG("wrapped private 2048 bits key is not set.");
                     return BAD_FUNC_ARG;
@@ -279,7 +280,7 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
             }
         }
         
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
     return ret;
 }
@@ -296,14 +297,14 @@ WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
  
-WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
+WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out,
                     word32* outLen, struct RsaKey* key, void* ctx)
 {
     int ret;
     
-    sce_rsa_byte_data_t message_hash;
-    sce_rsa_byte_data_t signature;
-    User_SCEPKCbInfo    *info = (User_SCEPKCbInfo*)ctx;
+    FSPSM_RSA_DATA message_hash;
+    FSPSM_RSA_DATA signature;
+    FSPSM_ST    *info = (FSPSM_ST*)ctx;
     int keySize;
     
     (void) key;
@@ -334,25 +335,25 @@ WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
     signature.pdata = out;
     signature.data_length = outLen;
     
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
         if (keySize == 1024) {
             
-            ret = R_SCE_RSASSA_PKCS1024_SignatureGenerate(&message_hash, 
+            ret = FSPSM_RSA1024_SIGN_FUNC(&message_hash, 
                         &signature,
-                        (sce_rsa1024_private_wrapped_key_t *)
-                                    info->sce_wrapped_key_rsapri1024,
+                        (FSPSM_RSA1024_WPI_KEY *)
+                                    info->wrapped_key_rsapri1024,
                         HW_SCE_RSA_HASH_SHA256);
         }
         else {
             
-            ret = R_SCE_RSASSA_PKCS2048_SignatureGenerate(&message_hash, 
+            ret = FSPSM_RSA2048_SIGN_FUNC(&message_hash, 
                         &signature,
-                        (sce_rsa2048_private_wrapped_key_t *)
-                                    info->sce_wrapped_key_rsapri2048,
+                        (FSPSM_RSA2048_WPI_KEY *)
+                                    info->wrapped_key_rsapri2048,
                         HW_SCE_RSA_HASH_SHA256);
         }
         
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
     
     return ret;
@@ -370,14 +371,14 @@ WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
  * return FSP_SUCCESS(0) on Success, otherwise negative value
  */
  
-WOLFSSL_LOCAL int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
+WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out,
                     word32* outLen,struct RsaKey* key, void* ctx)
 {
     int ret;
     
-    sce_rsa_byte_data_t message_hash;
-    sce_rsa_byte_data_t signature;
-    User_SCEPKCbInfo    *info = (User_SCEPKCbInfo*)ctx;
+    FSPSM_RSA_DATA message_hash;
+    FSPSM_RSA_DATA signature;
+    FSPSM_ST    *info = (FSPSM_ST*)ctx;
     int keySize;
     
     (void) key;
@@ -410,28 +411,28 @@ WOLFSSL_LOCAL int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
     signature.pdata = out;
     signature.data_length = outLen;
     
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
         if (keySize == 1024) {
             
-            ret = R_SCE_RSASSA_PKCS1024_SignatureVerify(&signature,
+            ret = FSPSM_RSA1024_VRY_FUNC(&signature,
                   &message_hash,
-                  (sce_rsa1024_public_wrapped_key_t *)
-                        info->sce_wrapped_key_rsapub1024,
+                  (FSPSM_RSA1024_WPB_KEY *)
+                        info->wrapped_key_rsapub1024,
                   HW_SCE_RSA_HASH_SHA256);
         }
         else {
             
-                ret = R_SCE_RSASSA_PKCS2048_SignatureVerify(&signature, 
+                ret = FSPSM_RSA2048_VRY_FUNC(&signature, 
                     &message_hash,
-                    (sce_rsa2048_public_wrapped_key_t *)
-                         info->sce_wrapped_key_rsapub2048,
+                    (FSPSM_RSA2048_WPB_KEY *)
+                         info->wrapped_key_rsapub2048,
                     HW_SCE_RSA_HASH_SHA256 );
         }
         
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
     
     return ret;
 }
 
-#endif /* !NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+#endif /* !NO_RSA && WOLFSSL_RENESAS_FSPSM_CRYPTONLY */

wolfcrypt/src/port/Renesas/renesas_sce_sha.c → wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c

@@ -1,4 +1,4 @@
-/* renesas_sce_sha.c
+/* renesas_fspsm_sha.c
  *
  * Copyright (C) 2006-2023 wolfSSL Inc.
  *
@@ -30,18 +30,18 @@
 
 #include <wolfssl/wolfcrypt/logging.h>
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-    defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+    defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
 
 #include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
 
 /* Free up allocation for msg
  *
- * hash    The SCE Hash object.
+ * hash    The FSPSM Hash object.
  * no return value
  */
-static void SCEHashFree(wolfssl_SCE_Hash* hash)
+static void FSPSM_HashFree(wolfssl_FSPSM_Hash* hash)
 {
     if (hash == NULL)
         return;
@@ -53,12 +53,12 @@ static void SCEHashFree(wolfssl_SCE_Hash* hash)
 }
 /* Initialize Hash object
  *
- * hash    The SCE Hash object.
+ * hash    The FSPSM Hash object.
  * heap    Buffer to hold heap if available
  * devId   device Id
  * return  0 on success, BAD_FUNC_ARG when has is NULL
  */
-static int SCEHashInit(wolfssl_SCE_Hash* hash, void* heap, int devId,
+static int FSPSM_HashInit(wolfssl_FSPSM_Hash* hash, void* heap, int devId,
     word32 sha_type)
 {
     if (hash == NULL) {
@@ -66,7 +66,7 @@ static int SCEHashInit(wolfssl_SCE_Hash* hash, void* heap, int devId,
     }
 
     (void)devId;
-    XMEMSET(hash, 0, sizeof(wolfssl_SCE_Hash));
+    XMEMSET(hash, 0, sizeof(wolfssl_FSPSM_Hash));
 
     hash->heap = heap;
     hash->len  = 0;
@@ -79,12 +79,13 @@ static int SCEHashInit(wolfssl_SCE_Hash* hash, void* heap, int devId,
 
 /* Add data to msg(work buffer) for final hash operation
  *
- * hash    The SCE Hash object.
+ * hash    The FSPSM Hash object.
  * data    Buffer to hold plain text for hash
  * sz      Length of data
  * return  0 on success, otherwise MEMORY_E or BAD_FUNC_ARG on failure
  */
-static int SCEHashUpdate(wolfssl_SCE_Hash* hash, const byte* data, word32 sz)
+static int FSPSM_HashUpdate(wolfssl_FSPSM_Hash* hash,
+                                                const byte* data, word32 sz)
 {
     if (hash == NULL || (sz > 0 && data == NULL)) {
         return BAD_FUNC_ARG;
@@ -128,38 +129,38 @@ static int SCEHashUpdate(wolfssl_SCE_Hash* hash, const byte* data, word32 sz)
 
 /* Perform hash operation using accumulated msg
  *
- * hash    The SCE Hash object.
+ * hash    The FSPSM Hash object.
  * out     Buffer to hold hashed text
  * outSz   Length of out
  * return  FSP_SUCCESS(0) on success,
  *         otherwise BAD_FUNC_ARG or FSP Error code on failure
  */
-static int SCEHashFinal(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
+static int FSPSM_HashFinal(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
 {
     int ret;
     void* heap;
-    sce_sha_md5_handle_t handle;
+    FSPSM_SHA_HANDLE handle;
     uint32_t sz;
 
-    fsp_err_t (*Init)(sce_sha_md5_handle_t*);
-    fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t);
-    fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*);
+    fsp_err_t (*Init)(FSPSM_SHA_HANDLE*);
+    fsp_err_t (*Update)(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t);
+    fsp_err_t (*Final )(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t*);
 
     if (hash == NULL || out == NULL) {
         return BAD_FUNC_ARG;
     }
 
-    if (hash->sha_type == SCE_SHA256) {
-        Init = R_SCE_SHA256_Init;
-        Update = R_SCE_SHA256_Update;
-        Final = R_SCE_SHA256_Final;
+    if (hash->sha_type == FSPSM_SHA256) {
+        Init = FSPSM_SHA256_Init;
+        Update = FSPSM_SHA256_Up;
+        Final = FSPSM_SHA256_Final;
     }
     else
         return BAD_FUNC_ARG;
 
     heap = hash->heap;
 
-    wc_sce_hw_lock();
+    wc_fspsm_hw_lock();
 
     if (Init(&handle) == FSP_SUCCESS) {
         ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
@@ -170,35 +171,35 @@ static int SCEHashFinal(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
             }
         }
     }
-    wc_sce_hw_unlock();
+    wc_fspsm_hw_unlock();
 
-    SCEHashFree(hash);
-    return SCEHashInit(hash, heap, 0, hash->sha_type);
+    FSPSM_HashFree(hash);
+    return FSPSM_HashInit(hash, heap, 0, hash->sha_type);
 }
 /* Hash operation to message and return a result */
-static int SCEHashGet(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
+static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
 {
     int ret;
-    sce_sha_md5_handle_t handle;
+    FSPSM_SHA_HANDLE handle;
     uint32_t sz;
 
-    fsp_err_t (*Init)(sce_sha_md5_handle_t*);
-    fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t);
-    fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*);
+    fsp_err_t (*Init)(FSPSM_SHA_HANDLE*);
+    fsp_err_t (*Update)(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t);
+    fsp_err_t (*Final )(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t*);
 
     if (hash == NULL || out == NULL) {
         return BAD_FUNC_ARG;
     }
 
-    if (hash->sha_type == SCE_SHA256) {
-        Init = R_SCE_SHA256_Init;
-        Update = R_SCE_SHA256_Update;
-        Final = R_SCE_SHA256_Final;
+    if (hash->sha_type == FSPSM_SHA256) {
+        Init = FSPSM_SHA256_Init;
+        Update = FSPSM_SHA256_Up;
+        Final = FSPSM_SHA256_Final;
     }
     else
         return BAD_FUNC_ARG;
 
-    wc_sce_hw_lock();
+    wc_fspsm_hw_lock();
 
     if (Init(&handle) == FSP_SUCCESS) {
         ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
@@ -210,18 +211,18 @@ static int SCEHashGet(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
         }
     }
 
-    wc_sce_hw_unlock();
+    wc_fspsm_hw_unlock();
 
     return 0;
 }
 /* copy hash result from src to dst */
-static int SCEHashCopy(wolfssl_SCE_Hash* src, wolfssl_SCE_Hash* dst)
+static int FSPSM_HashCopy(wolfssl_FSPSM_Hash* src, wolfssl_FSPSM_Hash* dst)
 {
     if (src == NULL || dst == NULL) {
         return BAD_FUNC_ARG;
     }
 
-    XMEMCPY(dst, src, sizeof(wolfssl_SCE_Hash));
+    XMEMCPY(dst, src, sizeof(wolfssl_FSPSM_Hash));
 
     if (src->len > 0 && src->msg != NULL) {
         dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -240,28 +241,28 @@ static int SCEHashCopy(wolfssl_SCE_Hash* src, wolfssl_SCE_Hash* dst)
 /*  wrapper for wc_InitSha256_ex */
 int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
 {
-    return SCEHashInit(sha, heap, devId, SCE_SHA256);
+    return FSPSM_HashInit(sha, heap, devId, FSPSM_SHA256);
 }
 /*  wrapper for wc_Sha256Update */
 int wc_Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
 {
-    return SCEHashUpdate(sha, in, sz);
+    return FSPSM_HashUpdate(sha, in, sz);
 }
 /*  wrapper for wc_Sha256Final */
 int wc_Sha256Final(wc_Sha256* sha, byte* hash)
 {
-    return SCEHashFinal(sha, hash, WC_SHA256_DIGEST_SIZE);
+    return FSPSM_HashFinal(sha, hash, WC_SHA256_DIGEST_SIZE);
 }
 /*  wrapper for wc_Sha256GetHash */
 int wc_Sha256GetHash(wc_Sha256* sha, byte* hash)
 {
-    return SCEHashGet(sha, hash, WC_SHA256_DIGEST_SIZE);
+    return FSPSM_HashGet(sha, hash, WC_SHA256_DIGEST_SIZE);
 }
 /*  wrapper for wc_Sha256Copy */
 int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
 {
-    return SCEHashCopy(src, dst);
+    return FSPSM_HashCopy(src, dst);
 }
 #endif /* !NO_SHA256 */
-#endif /* WOLFSSL_RENESAS_SCEPROTECT */
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS */
 #endif /* #if !defined(NO_SHA) || !defined(NO_SHA256) */

wolfcrypt/src/port/Renesas/renesas_sce_util.c → wolfcrypt/src/port/Renesas/renesas_fspsm_util.c

@@ -1,4 +1,4 @@
-/* renesas_sce_util.c
+/* renesas_fspsm_util.c
  *
  * Copyright (C) 2006-2023 wolfSSL Inc.
  *
@@ -20,13 +20,14 @@
  */
 #include <wolfssl/wolfcrypt/types.h>
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-    defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+    defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+
 
 #include <wolfssl/wolfcrypt/wc_port.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
 
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
 #include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
 #include <wolfssl/wolfcrypt/memory.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
@@ -42,35 +43,38 @@
     #define WOLFSSL_PKMSG(_f_, ...) WC_DO_NOTHING
 #endif
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
-WOLFSSL_GLOBAL SCE_PKCbInfo gSCE_PKCbInfo;
+#if defined(WOLFSSL_RENESAS_FSPSM_ECC)
+WOLFSSL_GLOBAL FSPSM_ST_PKC gPKCbInfo;
 #endif
 
 /* expect to have these variables defined at user application */
-extern sce_instance_ctrl_t sce_ctrl;
-extern sce_cfg_t sce_cfg;
+extern FSPSM_INSTANCE   gFSPSM_ctrl;
+extern FSPSM_CONFIG     gFSPSM_cfg;
 
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
 static const byte*  ca_cert_sig;
-static sce_key_data g_user_key_info;
+static fspsm_key_data g_user_key_info;
 
 static uint32_t     g_encrypted_publicCA_key[HW_SCE_SINST_WORD_SIZE];
 extern uint32_t     g_CAscm_Idx;          /* index of CM table    */
-wolfSSL_Mutex       sce_mutex;
-static int          sce_CryptHwMutexInit_ = 0;
-static uint32_t     sce_sess_idx = 0;
+#endif
+
+wolfSSL_Mutex       fspsm_mutex;
+static int          fspsm_CryptHwMutexInit_ = 0;
+static uint32_t     fspsm_sess_idx = 0;
 
 /* Mutex Init */
-static int sce_CryptHwMutexInit(wolfSSL_Mutex* mutex)
+static int fspsm_CryptHwMutexInit(wolfSSL_Mutex* mutex)
 {
     return wc_InitMutex(mutex);
 }
 /* Mutex Lock */
-static int sce_CryptHwMutexLock(wolfSSL_Mutex* mutex)
+static int fspsm_CryptHwMutexLock(wolfSSL_Mutex* mutex)
 {
     return wc_LockMutex(mutex);
 }
 /* Mutex Unlock */
-static int sce_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
+static int fspsm_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
 {
     return wc_UnLockMutex(mutex);
 }
@@ -79,23 +83,23 @@ static int sce_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
 * lock hw engine
 * this should be called before using engine.
 */
-WOLFSSL_LOCAL int wc_sce_hw_lock()
+WOLFSSL_LOCAL int wc_fspsm_hw_lock()
 {
     int ret = 0;
 
-    if (sce_CryptHwMutexInit_ == 0) {
+    if (fspsm_CryptHwMutexInit_ == 0) {
 
-        ret = sce_CryptHwMutexInit(&sce_mutex);
+        ret = fspsm_CryptHwMutexInit(&fspsm_mutex);
 
         if (ret == 0) {
-            sce_CryptHwMutexInit_ = 1;
+            fspsm_CryptHwMutexInit_ = 1;
         }
         else {
             WOLFSSL_MSG(" mutex initialization failed.");
             return -1;
         }
     }
-    if (sce_CryptHwMutexLock(&sce_mutex) != 0) {
+    if (fspsm_CryptHwMutexLock(&fspsm_mutex) != 0) {
         /* this should not happens */
         return -1;
     }
@@ -106,26 +110,28 @@ WOLFSSL_LOCAL int wc_sce_hw_lock()
 /*
 * release hw engine
 */
-WOLFSSL_LOCAL void wc_sce_hw_unlock(void)
+WOLFSSL_LOCAL void wc_fspsm_hw_unlock(void)
 {
-    sce_CryptHwMutexUnLock(&sce_mutex);
+    fspsm_CryptHwMutexUnLock(&fspsm_mutex);
 }
 
 /* Open sce driver for use */
-WOLFSSL_LOCAL int wc_sce_Open()
+WOLFSSL_LOCAL int wc_fspsm_Open()
 {
-    WOLFSSL_ENTER("wc_sce_Open");
+    WOLFSSL_ENTER("wc_fspsm_Open");
     int ret;
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
 
-        ret = R_SCE_Open(&sce_ctrl, &sce_cfg);
+        ret = FSPSM_OPEN(&gFSPSM_ctrl, &gFSPSM_cfg);
 
         if (ret != FSP_SUCCESS) {
             WOLFSSL_MSG("RENESAS SCE Open failed");
         }
+        
+    #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
         if (ret == FSP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
 
-            ret = R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall(
+            ret = FSPSM_ROOTCA_RSA2048(
                     g_user_key_info.encrypted_provisioning_key,
                     g_user_key_info.iv,
                     g_user_key_info.encrypted_user_tls_key,
@@ -138,28 +144,28 @@ WOLFSSL_LOCAL int wc_sce_Open()
         else {
             WOLFSSL_MSG("Failed to lock sce hw ");
         }
-
+    #endif
     }
 
     /* unlock hw */
-    wc_sce_hw_unlock();
+    wc_fspsm_hw_unlock();
 
-    WOLFSSL_LEAVE("wc_sce_Open", ret);
+    WOLFSSL_LEAVE("wc_fspsm_Open", ret);
     return ret;
 }
 
 /* close SCE driver */
-WOLFSSL_LOCAL void wc_sce_Close()
+WOLFSSL_LOCAL void wc_fspsm_Close()
 {
     WOLFSSL_ENTER("sce Close");
     int ret;
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
         /* close SCE */
-        ret = R_SCE_Close(&sce_ctrl);
+        ret = FSPSM_CLOSE(&gFSPSM_ctrl);
 
         /* unlock hw */
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
         if (ret != FSP_SUCCESS) {
             WOLFSSL_MSG("RENESAS SCE Close failed");
         }
@@ -169,15 +175,16 @@ WOLFSSL_LOCAL void wc_sce_Close()
     }
 }
 
-#ifndef WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
+#if defined(WOLFSSL_RENESAS_FSPSM_ECC)
 /* Verify Server Key Exchange while doing ECDH key exchange */
-static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig,
-                                                      uint32_t sigSz, void* ctx)
+static int fspsm_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl,
+                                   const uint8_t* sig,
+                                   uint32_t sigSz, void* ctx)
 {
     int ret = WOLFSSL_FAILURE;
-    User_SCEPKCbInfo* cbInfo;
+    FSPSM_ST* cbInfo;
     byte qx[MAX_ECC_BYTES], qy[MAX_ECC_BYTES];
     byte *peerkey = NULL;
 
@@ -188,7 +195,7 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
     if (ssl == NULL || sig == NULL || ctx == NULL)
         return ret;
 
-    cbInfo = (User_SCEPKCbInfo*)ctx;
+    cbInfo = (FSPSM_ST*)ctx;
 
     /* export public peer public key */
     ret = wc_ecc_export_public_raw(ssl->peerEccKey, qx, &qxLen, qy, &qyLen);
@@ -210,9 +217,9 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
     XMEMCPY(&peerkey[4], qx, qxLen);
     XMEMCPY(&peerkey[4+qxLen], qy, qyLen);
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
         /* 0 : RSA 2048bit, 1 : Reserved, 2 : ECDSA P-256 */
-        ret = R_SCE_TLS_ServerKeyExchangeVerify(
+        ret = FSPSM_TLS_SVRKEYExVfy(
             type,
             (uint8_t*) ssl->arrays->clientRandom,
             (uint8_t*) ssl->arrays->serverRandom,
@@ -222,7 +229,7 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
             (uint32_t*)cbInfo->encrypted_ephemeral_ecdh_public_key);
 
         if (ret != FSP_SUCCESS) {
-            WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
+            WOLFSSL_MSG("failed R_fspsm_TLS_ServerKeyExchangeVerify");
             cbInfo->keyflgs_tls.bits.pk_key_set = 0;
         }
         else {
@@ -235,13 +242,13 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
     }
 
     /* unlock hw */
-    wc_sce_hw_unlock();
+    wc_fspsm_hw_unlock();
 
     XFREE(peerkey, 0, DYNAMIC_TYPE_TMP_BUFFER);
     return ret;
 }
 /* Callback for Rsa Verify */
-WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
+WOLFSSL_LOCAL int wc_fspsm_RsaVerifyTLS(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
         uint8_t** out, const byte* key, uint32_t keySz, void* ctx)
 {
     int ret = WOLFSSL_FAILURE;
@@ -251,8 +258,8 @@ WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
 
     WOLFSSL_PKMSG("SCE RSA Verify: sigSz %d, keySz %d\n", sigSz, keySz);
 
-    if (wc_sce_usable(ssl, 0))
-      ret = SCE_ServerKeyExVerify(0, ssl, sig, sigSz, ctx);
+    if (wc_fspsm_usable(ssl, 0))
+      ret = fspsm_ServerKeyExVerify(0, ssl, sig, sigSz, ctx);
     else
       ret = CRYPTOCB_UNAVAILABLE;
 
@@ -264,7 +271,7 @@ WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
     return ret;
 }
 /* Callback for Ecc Verify */
-WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
+WOLFSSL_LOCAL int wc_fspsm_EccVerifyTLS(WOLFSSL* ssl, const uint8_t* sig,
         uint32_t sigSz,  const uint8_t* hash, uint32_t hashSz,
         const uint8_t* key, uint32_t keySz, int* result, void* ctx)
 {
@@ -283,7 +290,7 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
     WOLFSSL_PKMSG("SCE ECC Verify: ssl->options.serverState = %d sigSz %d, hashSz %d, keySz %d\n",
                     ssl->options.serverState, sigSz, hashSz, keySz);
 
-    if (!wc_sce_usable(ssl, 0)) {
+    if (!wc_fspsm_usable(ssl, 0)) {
       WOLFSSL_PKMSG("Cannot handle cipher suite by SCE");
       return CRYPTOCB_UNAVAILABLE;
     }
@@ -322,7 +329,7 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
         }
     }
 
-    ret = SCE_ServerKeyExVerify(2, ssl, sigforSCE, 64, ctx);
+    ret = fspsm_ServerKeyExVerify(2, ssl, sigforSCE, 64, ctx);
 
     if (sigforSCE)
         XFREE(sigforSCE, NULL, DYNAMIC_TYPE_TEMP);
@@ -340,7 +347,7 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
 }
 
 /* Callback for ECC shared secret */
-WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
+WOLFSSL_LOCAL int fspsm_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
         uint8_t* pubKeyDer, unsigned int* pubKeySz,
         uint8_t* out, unsigned int* outlen, int side, void* ctx)
 {
@@ -348,7 +355,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
     (void) otherKey;
     (void) side;
 
-    User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+    FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
 
     (void)ssl;
     (void)cbInfo;
@@ -362,9 +369,9 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
         side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id);
 
     if (cbInfo->keyflgs_tls.bits.pk_key_set == 1) {
-        if ((ret = wc_sce_hw_lock()) == 0) {
+        if ((ret = wc_fspsm_hw_lock()) == 0) {
             /* Generate ECC PUblic key pair */
-            ret = R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate(
+            ret = FSPSM_TLS_ECCS256R1_KPG(
                 &cbInfo->ecc_p256_wrapped_key,
                 (uint8_t*)&cbInfo->ecc_ecdh_public_key/* Qx 32 bytes and Qy 32 bytes*/ );
             if (ret != FSP_SUCCESS) {
@@ -379,7 +386,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
                         sizeof(cbInfo->ecc_ecdh_public_key));
 
             /* Generate Premaster Secret */
-            ret = R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1(
+            ret = FSPSM_TLS_PREMASTERGEN(
                         (uint32_t*)&cbInfo->encrypted_ephemeral_ecdh_public_key,
                         &cbInfo->ecc_p256_wrapped_key,
                         (uint32_t*)out/* pre-master secret 64 bytes */);
@@ -398,7 +405,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
         }
 
         /* unlock hw */
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
 
         *outlen = 64;
         WOLFSSL_PKMSG("PK ECC PMS: ret %d, PubKeySz %d, OutLen %d\n", ret, *pubKeySz, *outlen);
@@ -428,7 +435,7 @@ static uint32_t GetSceCipherSuite(
                 break;
 
             default:
-                sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+                sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
                 break;
         }
         WOLFSSL_MSG("<< GetSceCipherSuite");
@@ -436,7 +443,7 @@ static uint32_t GetSceCipherSuite(
     }
     else if (cipherSuiteFirst == ECC_BYTE)
     {
-        sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+        sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
         /* comment out until implementation completes */
         switch(cipherSuite) {
 
@@ -457,12 +464,12 @@ static uint32_t GetSceCipherSuite(
                 break;
 
             default:
-                sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+                sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
                 break;
         }
     }
     else{
-        sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+        sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
     }
 
     WOLFSSL_MSG("<< GetSceCipherSuite");
@@ -474,10 +481,10 @@ static uint32_t GetSceCipherSuite(
 /* ssl     : a pointer to WOLFSSL object                       */
 /* session_key_generated : if session key has been generated   */
 /* return  1 for usable, 0 for unusable                        */
-WOLFSSL_LOCAL int wc_sce_usable(const WOLFSSL *ssl,
+WOLFSSL_LOCAL int wc_fspsm_usable(const WOLFSSL *ssl,
                                                 uint8_t session_key_generated)
 {
-    WOLFSSL_ENTER("sce_usable");
+    WOLFSSL_ENTER("fspsm_usable");
     uint32_t sceCipher;
     byte side;
     const Ciphers *enc;
@@ -518,7 +525,7 @@ WOLFSSL_LOCAL int wc_sce_usable(const WOLFSSL *ssl,
                                      ssl->options.cipherSuite);
     side = ssl->options.side;
 
-    if (sceCipher != (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE 
+    if (sceCipher != (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE
                                    && side == WOLFSSL_CLIENT_END)
         return 1;
     else
@@ -526,44 +533,45 @@ WOLFSSL_LOCAL int wc_sce_usable(const WOLFSSL *ssl,
 }
 
 /* Generate Hmac by sha256*/
-WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const WOLFSSL *ssl,const uint8_t* myInner,
-        uint32_t innerSz,const uint8_t* in, uint32_t sz, byte* digest)
+WOLFSSL_LOCAL int wc_fspsm_Sha256GenerateHmac(const WOLFSSL *ssl,
+                const uint8_t* myInner, uint32_t innerSz,const uint8_t* in,
+                uint32_t sz, byte* digest)
 {
-    WOLFSSL_ENTER("sce_Sha256HmacGenerate");
+    WOLFSSL_ENTER("fspsm_Sha256HmacGenerate");
 
-    sce_hmac_sha_handle_t _handle;
-    sce_hmac_sha_wrapped_key_t wrapped_key;
+    FSPSM_HMAC_HANDLE _handle;
+    FSPSM_HMAC_WKEY wrapped_key;
     int ret;
 
     if ((ssl == NULL) || (myInner == NULL) || (in == NULL) ||
         (digest == NULL))
       return BAD_FUNC_ARG;
 
-    wrapped_key = ssl->keys.sce_client_write_MAC_secret;
+    wrapped_key = ssl->keys.fspsm_client_write_MAC_secret;
 
-    if ((ret = wc_sce_hw_lock()) != 0) {
+    if ((ret = wc_fspsm_hw_lock()) != 0) {
         WOLFSSL_MSG("hw lock failed");
         return ret;
     }
 
-    ret = R_SCE_SHA256HMAC_GenerateInit(
+    ret = FSPSM_S256HMAC_GInt(
                 &_handle,
                 &wrapped_key);
 
     if (ret == FSP_SUCCESS)
-        ret = R_SCE_SHA256HMAC_GenerateUpdate(
+        ret = FSPSM_S256HMAC_GUp(
                 &_handle,
                 (uint8_t*)myInner,
                 innerSz);
 
     if (ret == FSP_SUCCESS)
-        ret = R_SCE_SHA256HMAC_GenerateUpdate(
+        ret = FSPSM_S256HMAC_GUp(
                 &_handle,
                 (uint8_t*)in,
                 sz);
 
     if (ret == FSP_SUCCESS)
-        ret = R_SCE_SHA256HMAC_GenerateFinal(
+        ret = FSPSM_S256HMAC_GFnl(
                 &_handle,
                 digest);
 
@@ -571,29 +579,29 @@ WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const WOLFSSL *ssl,const uint8_t* my
         ret = WOLFSSL_FAILURE;
 
     /* unlock hw */
-    wc_sce_hw_unlock();
-    WOLFSSL_LEAVE("sce_Sha256HmacGenerate", ret);
+    wc_fspsm_hw_unlock();
+    WOLFSSL_LEAVE("fspsm_Sha256HmacGenerate", ret);
     return ret;
 }
 
 /* Verify hmac */
-WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(const WOLFSSL *ssl,
+WOLFSSL_LOCAL int wc_fspsm_Sha256VerifyHmac(const WOLFSSL *ssl,
         const uint8_t* message, uint32_t messageSz,
         uint32_t macSz, uint32_t content)
 {
-    WOLFSSL_ENTER("sce_Sha256HmacVerify");
+    WOLFSSL_ENTER("fspsm_Sha256HmacVerify");
 
-    sce_hmac_sha_handle_t _handle;
-    sce_hmac_sha_wrapped_key_t wrapped_key;
+    FSPSM_HMAC_HANDLE _handle;
+    FSPSM_HMAC_WKEY wrapped_key;
     byte   myInner[WOLFSSL_TLS_HMAC_INNER_SZ];
     int ret;
 
     if ((ssl == NULL) || (message == NULL))
         return BAD_FUNC_ARG;
 
-    wrapped_key = ssl->keys.sce_server_write_MAC_secret;
+    wrapped_key = ssl->keys.fspsm_server_write_MAC_secret;
 
-    if ((ret = wc_sce_hw_lock()) != 0) {
+    if ((ret = wc_fspsm_hw_lock()) != 0) {
         WOLFSSL_MSG("hw lock failed");
         return ret;
     }
@@ -601,44 +609,45 @@ WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(const WOLFSSL *ssl,
     wolfSSL_SetTlsHmacInner((WOLFSSL*)ssl, myInner,
                                                         (word32)messageSz, (int)content, 1);
 
-    ret = R_SCE_SHA256HMAC_VerifyInit(
+    ret = FSPSM_S256HMAC_VInt(
                 &_handle,
                 &wrapped_key);
 
     if (ret == FSP_SUCCESS)
-        ret = R_SCE_SHA256HMAC_VerifyUpdate(
+        ret = FSPSM_S256HMAC_VUp(
                 &_handle,
                 (uint8_t*)myInner,
                 WOLFSSL_TLS_HMAC_INNER_SZ);
 
     if (ret == FSP_SUCCESS)
-        ret = R_SCE_SHA256HMAC_VerifyUpdate(
+        ret = FSPSM_S256HMAC_VUp(
                 &_handle,
                 (uint8_t*)message,
                 (uint32_t)messageSz);
 
     if (ret == FSP_SUCCESS)
-        ret = R_SCE_SHA256HMAC_VerifyFinal(
+        ret = FSPSM_S256HMAC_VFnl(
                 &_handle,
                 (uint8_t*)(message+messageSz),
                 (uint32_t)macSz);
 
     if (ret != FSP_SUCCESS) {
-        WOLFSSL_MSG("SCE Mac verification failed");
+        WOLFSSL_MSG("FSP SM Mac verification failed");
     }
 
     /* unlock hw */
-    wc_sce_hw_unlock();
-    WOLFSSL_LEAVE("sce_Sha256HmacVerify", ret);
+    wc_fspsm_hw_unlock();
+    WOLFSSL_LEAVE("fspsm_Sha256HmacVerify", ret);
     return ret;
 }
 
 /* generate Verify Data based on master secret */
-WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret */
-                           const uint8_t *side, const uint8_t *handshake_hash,
-                           uint8_t *hashes /* out */)
+WOLFSSL_LOCAL int wc_fspsm_generateVerifyData(
+                            const uint8_t *ms, /* master secret */
+                            const uint8_t *side, const uint8_t *handshake_hash,
+                            uint8_t *hashes /* out */)
 {
-    WOLFSSL_ENTER("sce_generateVerifyData");
+    WOLFSSL_ENTER("fspsm_generateVerifyData");
     int ret ;
     uint32_t l_side = SCE_TLS_GENERATE_CLIENT_VERIFY;
 
@@ -652,31 +661,32 @@ WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret
         l_side = SCE_TLS_GENERATE_SERVER_VERIFY;
     }
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
-        ret = R_SCE_TLS_VerifyDataGenerate(l_side, (uint32_t*)ms,
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
+        ret = FSPSM_VERIFY_DATA_FUNC(l_side, (uint32_t*)ms,
                        (uint8_t*)handshake_hash, hashes/* out */);
         if (ret != FSP_SUCCESS) {
-            WOLFSSL_MSG("R_SCE_TLS_VerifyDataGenerate failed");
+            WOLFSSL_MSG("R_fspsm_TLS_VerifyDataGenerate failed");
         }
     }
     /* unlock hw */
-    wc_sce_hw_unlock();
-    WOLFSSL_LEAVE("sce_generateVerifyData", ret);
+    wc_fspsm_hw_unlock();
+    WOLFSSL_LEAVE("fspsm_generateVerifyData", ret);
     return ret;
 }
 
 /* generate keys for TLS communication */
-WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
-                User_SCEPKCbInfo* cbInfo, int devId)
+WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
+                FSPSM_ST* cbInfo, int devId)
 {
-    WOLFSSL_MSG("sce_generateSessionKey()");
+    WOLFSSL_MSG("fspsm_generateSessionKey()");
     int ret;
     Ciphers *enc;
     Ciphers *dec;
-    sce_hmac_sha_wrapped_key_t key_client_mac;
-    sce_hmac_sha_wrapped_key_t key_server_mac;
-    sce_aes_wrapped_key_t key_client_aes;
-    sce_aes_wrapped_key_t key_server_aes;
+    FSPSM_HMAC_WKEY key_client_mac;
+    FSPSM_HMAC_WKEY key_server_mac;
+    
+    FSPSM_AES_WKEY key_client_aes;
+    FSPSM_AES_WKEY key_server_aes;
     uint32_t sceCS = GetSceCipherSuite(ssl->options.cipherSuite0,
                                          ssl->options.cipherSuite);
 
@@ -684,7 +694,7 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
       return BAD_FUNC_ARG;
 
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
         if (sceCS == TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ||
                 sceCS == TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
         {
@@ -695,11 +705,11 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
 
         }
         else {
-            ret = R_SCE_TLS_SessionKeyGenerate(
+            ret = FSPSM_SESSIONKEY_GEN_FUNC(
                     GetSceCipherSuite(
                         ssl->options.cipherSuite0,
                         ssl->options.cipherSuite),
-                    (uint32_t*)ssl->arrays->sce_masterSecret,
+                    (uint32_t*)ssl->arrays->fspsm_masterSecret,
                     (uint8_t*) ssl->arrays->clientRandom,
                     (uint8_t*) ssl->arrays->serverRandom,
                     NULL,
@@ -711,7 +721,7 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
         }
 
         if (ret != FSP_SUCCESS) {
-            WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
+            WOLFSSL_MSG("R_fspsm_TLS_SessionKeyGenerate failed");
         }
         else {
             /* succeeded creating session keys */
@@ -745,20 +755,20 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
             }
             /* copy key index into aes */
             if (ssl->options.side == PROVISION_CLIENT) {
-                XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_client_aes,
+                XMEMCPY(&enc->aes->ctx.wrapped_key, &key_client_aes,
                                                     sizeof(key_client_aes));
-                XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_server_aes,
+                XMEMCPY(&dec->aes->ctx.wrapped_key, &key_server_aes,
                                                     sizeof(key_server_aes));
             }
             else {
-                XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_server_aes,
+                XMEMCPY(&enc->aes->ctx.wrapped_key, &key_server_aes,
                                                     sizeof(key_server_aes));
-                XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_client_aes,
+                XMEMCPY(&dec->aes->ctx.wrapped_key, &key_client_aes,
                                                     sizeof(key_client_aes));
             }
             /* copy mac key index into keys */
-            ssl->keys.sce_client_write_MAC_secret = key_client_mac;
-            ssl->keys.sce_server_write_MAC_secret = key_server_mac;
+            ssl->keys.fspsm_client_write_MAC_secret = key_client_mac;
+            ssl->keys.fspsm_server_write_MAC_secret = key_server_mac;
 
             /* set up key size and marked ready */
             if (enc) {
@@ -775,8 +785,8 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
                 dec->setup = 1;
             }
 
-            if (cbInfo->sce_cipher == SCE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ||
-               cbInfo->sce_cipher == SCE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
+            if (cbInfo->cipher == SCE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ||
+               cbInfo->cipher == SCE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
                 enc->aes->nonceSz = AEAD_MAX_IMP_SZ;
                 dec->aes->nonceSz = AEAD_MAX_IMP_SZ;
              }
@@ -787,18 +797,18 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
             cbInfo->keyflgs_tls.bits.session_key_set = 1;
         }
         /* unlock hw */
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
     else {
         WOLFSSL_LEAVE("hw lock failed", ret);
     }
 
-    WOLFSSL_LEAVE("sce_generateSessionKey", ret);
+    WOLFSSL_LEAVE("fspsm_generateSessionKey", ret);
     return ret;
 }
 
 /* generate master secret based on pre-master which is generated by SCE */
-WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
+WOLFSSL_LOCAL int wc_fspsm_generateMasterSecret(
         uint8_t        cipherSuiteFirst,
         uint8_t        cipherSuite,
         const uint8_t *pr, /* pre-master    */
@@ -806,7 +816,7 @@ WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
         const uint8_t *sr, /* server random */
         uint8_t *ms)
 {
-    WOLFSSL_ENTER("sce_generateMasterSecretEx");
+    WOLFSSL_ENTER("fspsm_generateMasterSecretEx");
     int ret;
 
     if ((pr == NULL) || (cr == NULL) || (sr == NULL) ||
@@ -817,49 +827,49 @@ WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
     if (sceCS == 0xffffffff)
         return BAD_FUNC_ARG;
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
-        ret = R_SCE_TLS_MasterSecretGenerate(
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
+        ret = FSPSM_MASTERSECRET_GEN_FUNC(
             sceCS,
             (uint32_t*)pr,
             (uint8_t*)cr, (uint8_t*)sr, (uint32_t*)ms);
         if (ret != FSP_SUCCESS) {
-            WOLFSSL_MSG("R_SCE_TLS_MasterSecretGenerate failed");
+            WOLFSSL_MSG("R_fspsm_TLS_MasterSecretGenerate failed");
         }
         /* unlock hw */
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
     else {
         WOLFSSL_MSG(" hw lock failed ");
     }
-    WOLFSSL_LEAVE("sce_generateMasterSecret", ret);
+    WOLFSSL_LEAVE("fspsm_generateMasterSecret", ret);
     return ret;
 }
 
 /* generate pre-Master secrete by SCE */
-WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster,
+WOLFSSL_LOCAL int wc_fspsm_generatePremasterSecret(uint8_t *premaster,
                                                         uint32_t preSz)
 {
-    WOLFSSL_ENTER("sce_generatePremasterSecret");
+    WOLFSSL_ENTER("fspsm_generatePremasterSecret");
     int ret;
 
     if (premaster == NULL)
       return BAD_FUNC_ARG;
 
-    if ((ret = wc_sce_hw_lock()) == 0 && preSz >=
+    if ((ret = wc_fspsm_hw_lock()) == 0 && preSz >=
                                     (SCE_TLS_MASTER_SECRET_WORD_SIZE*4)) {
             /* generate pre-master, 80 bytes */
-            ret = R_SCE_TLS_PreMasterSecretGenerateForRSA2048((uint32_t*)premaster);
+            ret = FSPSM_PREGEN_FUNC((uint32_t*)premaster);
             if (ret != FSP_SUCCESS) {
-                WOLFSSL_MSG(" R_SCE_TLS_GeneratePreMasterSecret failed");
+                WOLFSSL_MSG(" R_fspsm_TLS_GeneratePreMasterSecret failed");
             }
         /* unlock hw */
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
     else {
         WOLFSSL_MSG(" hw lock failed or preSz is smaller than 80");
     }
 
-    WOLFSSL_LEAVE("sce_generatePremasterSecret", ret);
+    WOLFSSL_LEAVE("fspsm_generatePremasterSecret", ret);
     return ret;
 }
 
@@ -867,20 +877,20 @@ WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster,
 /*
 * generate encrypted pre-Master secrete by SCE
 */
-WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
+WOLFSSL_LOCAL int wc_fspsm_generateEncryptPreMasterSecret(
         WOLFSSL*    ssl,
         uint8_t*       out,
         uint32_t*     outSz)
 {
-    WOLFSSL_MSG("sce_generateEncryptPreMasterSecret");
+    WOLFSSL_MSG("fspsm_generateEncryptPreMasterSecret");
     int ret;
 
     if ((ssl == NULL) || (out == NULL) || (outSz == NULL))
       return BAD_FUNC_ARG;
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
         if (*outSz >= 256)
-            ret = R_SCE_TLS_PreMasterSecretEncryptWithRSA2048(
+            ret = FSPSM_PREGENENC_FUNC(
                         (uint32_t*)ssl->peerSceTsipEncRsaKeyIndex,
                         (uint32_t*)ssl->arrays->preMasterSecret,
                         (uint8_t*)out);
@@ -888,7 +898,7 @@ WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
             ret = -1;
 
         if (ret != FSP_SUCCESS) {
-            WOLFSSL_MSG("R_SCE_TLS_PreMasterSecretEncryptWithRSA2048 failed");
+            WOLFSSL_MSG("R_fspsm_TLS_PreMasterSecretEncryptWithRSA2048 failed");
         }
         else {
             *outSz = 256; /* SCE can only handles 2048 RSA */
@@ -898,26 +908,26 @@ WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
                                                 Renesas_cmn_genMasterSecret);
             wolfSSL_SetGenMasterSecretCtx(ssl, ctx);
         }
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
 
     }
     else {
         WOLFSSL_MSG(" hw lock failed ");
     }
-    WOLFSSL_LEAVE("sce_generateEncryptPreMasterSecret", ret);
+    WOLFSSL_LEAVE("fspsm_generateEncryptPreMasterSecret", ret);
     return ret;
 }
 
 
 /* Certificate verification by SCE */
-WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
+WOLFSSL_LOCAL int wc_fspsm_tls_CertVerify(
         const uint8_t* cert,       uint32_t certSz,
         const uint8_t* signature,  uint32_t sigSz,
         uint32_t      key_n_start,uint32_t key_n_len,
         uint32_t      key_e_start,uint32_t key_e_len,
-        uint8_t*      sce_encPublickey)
+        uint8_t*      fspsm_encPublickey)
 {
-    WOLFSSL_ENTER("sce_tls_CertVerify");
+    WOLFSSL_ENTER("fspsm_tls_CertVerify");
     int ret;
     uint8_t *sigforSCE;
     uint8_t *pSig;
@@ -935,8 +945,8 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
         WOLFSSL_MSG(" signature for ca verification is not set");
         return -1;
     }
-    if (!sce_encPublickey) {
-        WOLFSSL_MSG(" sce_encPublickey is NULL.");
+    if (!fspsm_encPublickey) {
+        WOLFSSL_MSG(" fspsm_encPublickey is NULL.");
         return -1;
     }
 
@@ -980,36 +990,36 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
     }
 
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
-        ret = R_SCE_TLS_CertificateVerify(
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
+        ret = FSPSM_TLSCERT_VRY(
                 g_user_key_info.encrypted_user_tls_key_type,
                 (uint32_t*)g_encrypted_publicCA_key,/* encrypted public key  */
-                (uint8_t*)cert,                    /* certificate der        */
-                certSz,                            /* length of der          */
+                (uint8_t*)cert,                 /* certificate der        */
+                certSz,                         /* length of der          */
                 (uint8_t*)pSig,                 /* sign data by RSA PSS   */
                 key_n_start,  /* start position of public key n in bytes     */
                 (key_n_start + key_n_len),     /* length of the public key n */
                 key_e_start,                   /* start pos, key e in bytes  */
                 (key_e_start + key_e_len),     /* length of the public key e */
-                (uint32_t*)sce_encPublickey    /* returned encrypted key     */
+                (uint32_t*)fspsm_encPublickey  /* returned encrypted key     */
                 );
         if (ret != FSP_SUCCESS) {
-            WOLFSSL_MSG(" R_TSIP_TlsCertificateVerification() failed");
+            WOLFSSL_MSG(" R_XXX_TlsCertificateVerification() failed");
         }
         if (sigforSCE) {
           XFREE(sigforSCE, NULL, DYNAMIC_TYPE_TEMP);
         }
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
     else {
         WOLFSSL_MSG(" hw lock failed ");
     }
-    WOLFSSL_LEAVE("sce_tls_CertVerify", ret);
+    WOLFSSL_LEAVE("fspsm_tls_CertVerify", ret);
     return ret;
 }
 
 /* Root Certificate verification */
-WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
+WOLFSSL_LOCAL int wc_fspsm_tls_RootCertVerify(
         const uint8_t* cert,        uint32_t cert_len,
         uint32_t      key_n_start,    uint32_t key_n_len,
         uint32_t      key_e_start,    uint32_t key_e_len,
@@ -1019,7 +1029,7 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
     /* call to generate encrypted public key for certificate verification */
     uint8_t *signature = (uint8_t*)ca_cert_sig;
 
-    WOLFSSL_ENTER("wc_sce_tls_RootCertVerify");
+    WOLFSSL_ENTER("wc_fspsm_tls_RootCertVerify");
 
     if (cert == NULL)
       return BAD_FUNC_ARG;
@@ -1029,8 +1039,8 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
         return -1;
     }
 
-    if ((ret = wc_sce_hw_lock()) == 0) {
-        ret = R_SCE_TLS_RootCertificateVerify(
+    if ((ret = wc_fspsm_hw_lock()) == 0) {
+        ret = FSPSM_TLSROOTCERT_VRY(
                 g_user_key_info.encrypted_user_tls_key_type,
                 (uint8_t*)cert,             /* CA cert */
                 (uint32_t)cert_len,         /* length of CA cert */
@@ -1042,55 +1052,63 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
                 g_encrypted_publicCA_key);  /* RSA-2048 public key 560 bytes */
                                             /* ECDSA 96 bytes */
         if (ret != FSP_SUCCESS) {
-            WOLFSSL_MSG(" R_SCE_TLS_RootCertificateVerify() failed");
+            WOLFSSL_MSG(" R_fspsm_TLS_RootCertificateVerify() failed");
         }
         else {
             g_CAscm_Idx = cm_row;
         }
-        wc_sce_hw_unlock();
+        wc_fspsm_hw_unlock();
     }
     else {
         WOLFSSL_MSG(" hw lock failed ");
     }
-    WOLFSSL_LEAVE("wc_sce_tls_RootCertVerify", ret);
+    WOLFSSL_LEAVE("wc_fspsm_tls_RootCertVerify", ret);
     return ret;
 }
 
 /*  store elements for session key generation into ssl->keys.
  *  return 0 on success, negative value on failure
  */
-WOLFSSL_LOCAL int wc_sce_storeKeyCtx(WOLFSSL* ssl, User_SCEPKCbInfo* info)
+WOLFSSL_LOCAL int wc_fspsm_storeKeyCtx(WOLFSSL* ssl, FSPSM_ST* info)
 {
     int ret = 0;
 
-    WOLFSSL_ENTER("sce_storeKeyCtx");
+    WOLFSSL_ENTER("fspsm_storeKeyCtx");
 
     if (ssl == NULL || info == NULL)
         ret = BAD_FUNC_ARG;
 
     if (ret == 0) {
-        XMEMCPY(info->sce_masterSecret, ssl->arrays->sce_masterSecret,
-                                                SCE_TLS_MASTERSECRET_SIZE);
-        XMEMCPY(info->sce_clientRandom, ssl->arrays->clientRandom, 32);
-        XMEMCPY(info->sce_serverRandom, ssl->arrays->serverRandom, 32);
+        XMEMCPY(info->masterSecret, ssl->arrays->fspsm_masterSecret,
+                                                FSPSM_TLS_MASTERSECRET_SIZE);
+        XMEMCPY(info->clientRandom, ssl->arrays->clientRandom, 32);
+        XMEMCPY(info->serverRandom, ssl->arrays->serverRandom, 32);
 
-        info->sce_cipher = (uint8_t)GetSceCipherSuite(ssl->options.cipherSuite0,
+        info->cipher = (uint8_t)GetSceCipherSuite(ssl->options.cipherSuite0,
                                ssl->options.cipherSuite);
     }
-    WOLFSSL_LEAVE("sce_storeKeyCtx", ret);
+    WOLFSSL_LEAVE("fspsm_storeKeyCtx", ret);
     return ret;
 }
 
 /* to inform ca certificate sign */
 /* signature format expects RSA 2048 PSS with SHA256 */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
 WOLFSSL_API void wc_sce_inform_cert_sign(const uint8_t *sign)
+#else
+WOLFSSL_API void wc_fspsm_inform_cert_sign(const uint8_t *sign)
+#endif
 {
     if (sign)
         ca_cert_sig = sign;
 }
 
 /* let wolfSSL know user key information using TLS operation by SCE */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
 WOLFSSL_API void wc_sce_inform_user_keys(
+#else
+WOLFSSL_API void wc_fspsm_inform_user_keys(
+#endif
     uint8_t* encrypted_provisioning_key,
     uint8_t* iv,
     uint8_t* encrypted_user_tls_key,
@@ -1119,7 +1137,11 @@ WOLFSSL_API void wc_sce_inform_user_keys(
 
 
 /* Set callbacks needed for sce TLS api handling */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
 WOLFSSL_API void wc_sce_set_callbacks(WOLFSSL_CTX* ctx)
+#else
+WOLFSSL_API void wc_fspsm_set_callbacks(WOLFSSL_CTX* ctx)
+#endif
 {
     wolfSSL_CTX_SetEccVerifyCb(ctx, Renesas_cmn_EccVerify);
     wolfSSL_CTX_SetRsaVerifyCb(ctx, Renesas_cmn_RsaVerify);
@@ -1131,15 +1153,20 @@ WOLFSSL_API void wc_sce_set_callbacks(WOLFSSL_CTX* ctx)
     wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL);
 }
 /* Set callback contexts needed for sce TLS api handling */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
 WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
+#else
+WOLFSSL_API int wc_fspsm_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
+#endif
 {
-    if (sce_sess_idx > MAX_SCE_CBINDEX) {
+    if (fspsm_sess_idx > MAX_FSPSM_CBINDEX) {
         WOLFSSL_MSG("exceeds maximum session index");
         return -1;
     }
-    gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx] = (User_SCEPKCbInfo*)user_ctx;
-    gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.pk_key_set = 0;
-    gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.session_key_set = 0;
+    gPKCbInfo.user_PKCbInfo[fspsm_sess_idx] = (FSPSM_ST*)user_ctx;
+    gPKCbInfo.user_PKCbInfo[fspsm_sess_idx]->keyflgs_tls.bits.pk_key_set = 0;
+    gPKCbInfo.user_PKCbInfo[fspsm_sess_idx]->keyflgs_tls.bits.session_key_set
+                                                                            = 0;
 
     wolfSSL_SetEccVerifyCtx(ssl, user_ctx);
     wolfSSL_SetRsaEncCtx(ssl, user_ctx);
@@ -1151,10 +1178,10 @@ WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
     /* set up crypt callback */
     wc_CryptoCb_CryptInitRenesasCmn(ssl, user_ctx);
 
-    gSCE_PKCbInfo.num_session = ++sce_sess_idx;
+    gPKCbInfo.num_session = ++fspsm_sess_idx;
 
     return 0;
 }
-#endif /*  !WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+#endif /*  !WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
 
-#endif /* WOLFSSL_RENESAS_SCEPROTECT || WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS || WOLFSSL_RENESAS_FSPSM_CRYPTONLY */

wolfcrypt/src/random.c

@@ -3474,8 +3474,8 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
         }
         return ret;
     }
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-          defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+#elif defined(WOLFSSL_RENESAS_FSPSM) || \
+          defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
     #include "r_sce.h"
 
     int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)

wolfcrypt/src/rsa.c

@@ -3263,7 +3263,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
                                   pad_value, pad_type, hash, mgf, label,
                                   labelSz, sz);
         }
-    #elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) || \
+    #elif defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) || \
           (!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
             defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
            /* SCE needs warpped key which is passed via
@@ -3424,7 +3424,7 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
             }
             return ret;
         }
-    #elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) || \
+    #elif defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) || \
           (!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
             defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
            #ifdef WOLF_CRYPTO_CB

wolfcrypt/src/sha256.c

@@ -175,9 +175,9 @@ on the specific device platform.
      defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \
     !defined(WOLFSSL_PSOC6_CRYPTO) && !defined(WOLFSSL_IMXRT_DCP) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
     !defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050_HASH) && \
-    ((!defined(WOLFSSL_RENESAS_SCEPROTECT) && \
-        !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) \
-      || defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) && \
+    ((!defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+      !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)) \
+      || defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)) && \
     (!defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH)) && \
     !defined(WOLFSSL_RENESAS_RX64_HASH)
 
@@ -756,11 +756,10 @@ static int InitSha256(wc_Sha256* sha256)
 
     /* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
 
-#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-        defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
-    !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
+#elif defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
 
-    /* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */
+    /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
 
 #elif defined(WOLFSSL_PSOC6_CRYPTO)
 
@@ -1766,9 +1765,8 @@ void wc_Sha256Free(wc_Sha256* sha256)
     ((defined(WOLFSSL_RENESAS_TSIP_TLS) || \
       defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
     !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) || \
-    ((defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-      defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
-    !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) || \
+    (defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+    !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)) || \
     defined(WOLFSSL_RENESAS_RX64_HASH) || \
     defined(WOLFSSL_HASH_KEEP)
 
@@ -1962,9 +1960,8 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
 
     /* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
 
-#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-       defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
-    !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
+#elif defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
 
     /* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */
 

wolfcrypt/src/wc_port.c

@@ -61,9 +61,8 @@
 #if defined(WOLFSSL_RENESAS_TSIP)
     #include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
 #endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-            defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-    #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#if defined(WOLFSSL_RENESAS_FSPSM)
+    #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
 #endif
 #if defined(WOLFSSL_RENESAS_RX64_HASH)
     #include <wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h>
@@ -194,9 +193,8 @@ int wolfCrypt_Init(void)
     }
     #endif
 
-    #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-            defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-        ret = wc_sce_Open( );
+    #if defined(WOLFSSL_RENESAS_FSPSM)
+        ret = wc_fspsm_Open( );
         if( ret != FSP_SUCCESS ) {
             WOLFSSL_MSG("RENESAS SCE Open failed");
             /* not return 1 since WOLFSSL_SUCCESS=1*/
@@ -450,9 +448,8 @@ int wolfCrypt_Cleanup(void)
         rx64_hw_Close();
     #endif
 
-    #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-        defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-        wc_sce_Close();
+    #if defined(WOLFSSL_RENESAS_FSPSM)
+        wc_fspsm_Close();
     #endif
 
     #ifdef WOLFSSL_SCE

wolfssl/internal.h

@@ -2759,10 +2759,9 @@ typedef struct Keys {
     tsip_hmac_sha_key_index_t tsip_server_write_MAC_secret;
 
 #endif
-#ifdef WOLFSSL_RENESAS_SCEPROTECT
-
-    sce_hmac_sha_wrapped_key_t sce_client_write_MAC_secret;
-    sce_hmac_sha_wrapped_key_t sce_server_write_MAC_secret;
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+    FSPSM_HMAC_WKEY fspsm_client_write_MAC_secret;
+    FSPSM_HMAC_WKEY fspsm_server_write_MAC_secret;
 #endif
 } Keys;
 
@@ -4767,8 +4766,8 @@ typedef struct Arrays {
    !defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION)
     byte            tsip_masterSecret[TSIP_TLS_MASTERSECRET_SIZE];
 #endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT)
-    byte            sce_masterSecret[SCE_TLS_MASTERSECRET_SIZE];
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+    byte            fspsm_masterSecret[FSPSM_TLS_MASTERSECRET_SIZE];
 #endif
 #ifdef WOLFSSL_DTLS
     byte            cookie[MAX_COOKIE_LEN];
@@ -5431,7 +5430,7 @@ struct WOLFSSL {
 #endif /* OPENSSL_EXTRA */
 #ifndef NO_RSA
     RsaKey*         peerRsaKey;
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     void*           RenesasUserCtx;
     byte*           peerSceTsipEncRsaKeyIndex;
 #endif

wolfssl/wolfcrypt/aes.h

@@ -298,9 +298,8 @@ struct Aes {
     defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
     TSIP_AES_CTX ctx;
 #endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
-    defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-    SCE_AES_CTX ctx;
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+    FSPSM_AES_CTX ctx;
 #endif
 #if defined(WOLFSSL_IMXRT_DCP)
     dcp_handle_t handle;

wolfssl/wolfcrypt/asn.h

@@ -1417,7 +1417,7 @@ enum SignatureState {
 #endif
 #endif /* HAVE_PK_CALLBACKS */
 
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
     defined(HAVE_PK_CALLBACKS)
 typedef struct tagCertAttribute {
         byte   verifyByTSIP_SCE;
@@ -1490,7 +1490,7 @@ struct SignatureCtx {
 #endif
 #endif /* HAVE_PK_CALLBACKS */
 #ifndef NO_RSA
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
     defined(HAVE_PK_CALLBACKS)
     CertAttribute  CertAtt;
 #endif
@@ -1864,7 +1864,7 @@ struct DecodedCert {
 #ifndef NO_CERTS
     SignatureCtx sigCtx;
 #endif
-#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     byte*  sce_tsip_encRsaKeyIdx;
 #endif
 #ifdef WOLFSSL_MAXQ10XX_TLS
@@ -1975,7 +1975,7 @@ struct Signer {
 #ifdef WOLFSSL_SIGNER_DER_CERT
     DerBuffer* derCert;
 #endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
     word32 cm_idx;
 #endif
     Signer* next;

wolfssl/wolfcrypt/include.am

@@ -107,7 +107,8 @@ noinst_HEADERS+= \
                          wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h \
                          wolfssl/wolfcrypt/port/arm/cryptoCell.h \
                          wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h \
-                         wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h \
+                         wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h \
+                         wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h \
                          wolfssl/wolfcrypt/port/Renesas/renesas_sync.h \
                          wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h \
                          wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h \

wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h → wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h

@@ -1,4 +1,4 @@
-/* renesas-sce-crypt.h
+/* renesas-fspsm-crypt.h
  *
  * Copyright (C) 2006-2023 wolfSSL Inc.
  *
@@ -18,32 +18,29 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  */
-#ifndef __RENESAS_SCE_CRYPT_H__
-#define __RENESAS_SCE_CRYPT_H__
+#ifndef __RENESAS_FSPSM_CRYPT_H__
+#define __RENESAS_FSPSM_CRYPT_H__
 
-#include "r_sce.h"
-#include <wolfssl/wolfcrypt/settings.h>
-#include <wolfssl/wolfcrypt/logging.h>
+
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h>
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
-#define SCE_SESSIONKEY_NONCE_SIZE           8
-#define WOLFSSL_SCE_ILLEGAL_CIPHERSUITE     -1
-
-#define MAX_SCE_CBINDEX 5
+#define WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE     -1
+#define MAX_FSPSM_CBINDEX 5
 
-typedef void* renesas_sce_wrappedkey;
+typedef void* FSP_W_KEYVAR;
 
 /* flsgas related to TLS */
-struct sce_keyflgs_tls {
+struct FSPSM_tls_flg_ST {
     uint8_t pk_key_set:1;
     uint8_t session_key_set:1;
 };
 
 /* flags Crypt Only */
-struct sce_keyflgs_cryt {
+struct FSPSM_key_flg_ST {
     uint8_t aes256_installedkey_set:1;
     uint8_t aes128_installedkey_set:1;
     uint8_t rsapri2048_installedkey_set:1;
@@ -53,108 +50,109 @@ struct sce_keyflgs_cryt {
     uint8_t message_type:1;/*message 0, hashed 1*/
 };
 
-typedef struct tagUser_SCEPKCbInfo {
+typedef struct FSPSM_tag_ST {
     /* unique number for each session */
     int devId;
-   #if defined(WOLFSSL_RENESAS_SCEPROTECT) && \
-        !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+   #if defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+        !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
     /* out from R_SCE_TLS_ServerKeyExchangeVerify */
-    uint32_t encrypted_ephemeral_ecdh_public_key[SCE_TLS_ENCRYPTED_ECCPUBKEY_SZ];
+    uint32_t
+        encrypted_ephemeral_ecdh_public_key[FSPSM_TLS_ENCRYPTED_ECCPUBKEY_SZ];
     /* out from R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate */
     sce_tls_p256_ecc_wrapped_key_t ecc_p256_wrapped_key;
     uint8_t ecc_ecdh_public_key[HW_SCE_ECC_PUBLIC_KEY_BYTE_SIZE];
-    
-    uint32_t    sce_masterSecret[SCE_TLS_MASTERSECRET_SIZE/4];
-    uint8_t     sce_clientRandom[SCE_TLS_CLIENTRANDOM_SZ];
-    uint8_t     sce_serverRandom[SCE_TLS_SERVERRANDOM_SZ];
-    uint8_t     sce_cipher;
+
+    uint32_t    masterSecret[FSPSM_TLS_MASTERSECRET_SIZE/4];
+    uint8_t     clientRandom[FSPSM_TLS_CLIENTRANDOM_SZ];
+    uint8_t     serverRandom[FSPSM_TLS_SERVERRANDOM_SZ];
+    uint8_t     cipher;
 
    #endif
-    
+
     /* installed key handling */
     /* aes */
-    renesas_sce_wrappedkey   sce_wrapped_key_aes256;
-    renesas_sce_wrappedkey   sce_wrapped_key_aes128;
-    
-   #if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+    FSP_W_KEYVAR   wrapped_key_aes256;
+    FSP_W_KEYVAR   wrapped_key_aes128;
+
+   #if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
     /* rsa */
-    renesas_sce_wrappedkey   sce_wrapped_key_rsapri2048;
-    renesas_sce_wrappedkey   sce_wrapped_key_rsapub2048;
-    renesas_sce_wrappedkey   sce_wrapped_key_rsapri1024;
-    renesas_sce_wrappedkey   sce_wrapped_key_rsapub1024;
+    FSP_W_KEYVAR   wrapped_key_rsapri2048;
+    FSP_W_KEYVAR   wrapped_key_rsapub2048;
+    FSP_W_KEYVAR   wrapped_key_rsapri1024;
+    FSP_W_KEYVAR   wrapped_key_rsapub1024;
    #endif
-    
+
     /* key status flags */
     /* flag whether encrypted ec key is set */
     union {
         uint8_t chr;
-        struct sce_keyflgs_tls bits;
+        struct FSPSM_tls_flg_ST bits;
     } keyflgs_tls;
     /* key status flags */
     /* flags shows status if wrapped keys are installed */
     union {
         uint8_t chr;
-        struct sce_keyflgs_cryt bits;
+        struct FSPSM_key_flg_ST bits;
     } keyflgs_crypt;
-    
-} User_SCEPKCbInfo;
 
-typedef struct tagSCE_PKCbInfo {
-    User_SCEPKCbInfo *user_PKCbInfo[MAX_SCE_CBINDEX];
+} FSPSM_ST;
+
+typedef struct tagPKCbInfo {
+    FSPSM_ST    *user_PKCbInfo[MAX_FSPSM_CBINDEX];
     uint32_t    num_session;
-} SCE_PKCbInfo;
+} FSPSM_ST_PKC;
 
 typedef struct
 {
     uint8_t                          *encrypted_provisioning_key;
     uint8_t                          *iv;
     uint8_t                          *encrypted_user_tls_key;
-    uint32_t                          encrypted_user_tls_key_type;
-    sce_tls_ca_certification_public_wrapped_key_t  user_rsa2048_tls_wrappedkey;
-} sce_key_data;
-    
+    uint32_t                         encrypted_user_tls_key_type;
+    FSPSM_CACERT_PUB_WKEY            user_rsa2048_tls_wrappedkey;
+} fspsm_key_data;
+
 struct WOLFSSL;
 struct WOLFSSL_CTX;
 struct ecc_key;
-    
-WOLFSSL_LOCAL int     wc_sce_Open();
-WOLFSSL_LOCAL void    wc_sce_Close();
-WOLFSSL_LOCAL int     wc_sce_hw_lock();
-WOLFSSL_LOCAL void    wc_sce_hw_unlock( void );
-WOLFSSL_LOCAL int     wc_sce_usable(const struct WOLFSSL *ssl, 
+
+WOLFSSL_LOCAL int     wc_fspsm_Open();
+WOLFSSL_LOCAL void    wc_fspsm_Close();
+WOLFSSL_LOCAL int     wc_fspsm_hw_lock();
+WOLFSSL_LOCAL void    wc_fspsm_hw_unlock( void );
+WOLFSSL_LOCAL int     wc_fspsm_usable(const struct WOLFSSL *ssl, 
                                     uint8_t session_key_generated);
 
 typedef struct {
-    sce_aes_wrapped_key_t   sce_wrapped_key;
-    word32                  keySize;
-    byte                    setup;
-} SCE_AES_CTX;
+    FSPSM_AES_WKEY   wrapped_key;
+    word32           keySize;
+    byte             setup;
+} FSPSM_AES_CTX;
 
 struct Aes;
-WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in,
-                             word32 sz);
-WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in,
-                             word32 sz);
+WOLFSSL_LOCAL int wc_fspsm_AesCbcEncrypt(struct Aes* aes, byte* out,
+                        const byte* in, word32 sz);
+WOLFSSL_LOCAL int wc_fspsm_AesCbcDecrypt(struct Aes* aes, byte* out,
+                        const byte* in, word32 sz);
 
-WOLFSSL_LOCAL int  wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
+WOLFSSL_LOCAL int  wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
                           const byte* in, word32 sz,
                           byte* iv, word32 ivSz,
                           byte* authTag, word32 authTagSz,
                           const byte* authIn, word32 authInSz,
                           void* ctx);
 
-WOLFSSL_LOCAL int  wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
+WOLFSSL_LOCAL int  wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out,
                           const byte* in, word32 sz,
                           const byte* iv, word32 ivSz,
                           const byte* authTag, word32 authTagSz,
                           const byte* authIn, word32 authInSz,
                           void* ctx);
-                          
-#if !defined(NO_SHA256) && !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
+
+#if !defined(NO_SHA256) && !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
 
 typedef enum {
-    SCE_SHA256 = 1,
-} SCE_SHA_TYPE;
+    FSPSM_SHA256 = 1,
+} FSPSM_SHA_TYPE;
 
 typedef struct {
     byte*  msg;
@@ -166,20 +164,20 @@ typedef struct {
     word32 flags;
     int devId;
 #endif
-} wolfssl_SCE_Hash;
+} wolfssl_FSPSM_Hash;
 
 /* RAW hash function APIs are not implemented with SCE */
 #undef  WOLFSSL_NO_HASH_RAW
 #define WOLFSSL_NO_HASH_RAW
 
-typedef wolfssl_SCE_Hash wc_Sha256;
+typedef wolfssl_FSPSM_Hash wc_Sha256;
 
 #endif /* NO_SHA */
 
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) && \
-        !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPT_ONLY)
-        
-WOLFSSL_LOCAL int     wc_sce_tls_RootCertVerify(
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+        !defined(WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY)
+
+WOLFSSL_LOCAL int     wc_fspsm_tls_RootCertVerify(
             const   uint8_t* cert,         uint32_t cert_len,
             uint32_t  key_n_start,        uint32_t key_n_len,
             uint32_t  key_e_start,        uint32_t key_e_len,
@@ -193,46 +191,46 @@ WOLFSSL_LOCAL int     wc_sce_tls_CertVerify(
             uint8_t*   sce_encRsaKeyIdx);
 
 
-WOLFSSL_LOCAL int     wc_sce_generatePremasterSecret(
+WOLFSSL_LOCAL int     wc_fspsm_generatePremasterSecret(
             uint8_t*   premaster,
             uint32_t  preSz);
 
-WOLFSSL_LOCAL int     wc_sce_generateEncryptPreMasterSecret(
-            struct WOLFSSL* ssl, 
-            uint8_t*           out, 
+WOLFSSL_LOCAL int     wc_fspsm_generateEncryptPreMasterSecret(
+            struct WOLFSSL* ssl,
+            uint8_t*           out,
             uint32_t*         outSz);
 
-WOLFSSL_LOCAL int     wc_sce_Sha256GenerateHmac(
+WOLFSSL_LOCAL int     wc_fspsm_Sha256GenerateHmac(
             const struct WOLFSSL *ssl,
-            const uint8_t* myInner, 
+            const uint8_t* myInner,
             uint32_t      innerSz,
             const uint8_t* in,
             uint32_t      sz,
             uint8_t*       digest);
-    
-WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(
+
+WOLFSSL_LOCAL int wc_fspsm_Sha256VerifyHmac(
         const struct WOLFSSL *ssl,
-        const uint8_t* message, 
+        const uint8_t* message,
         uint32_t      messageSz,
         uint32_t      macSz,
         uint32_t      content);
 
-WOLFSSL_LOCAL int wc_sce_storeKeyCtx(
+WOLFSSL_LOCAL int wc_fspsm_storeKeyCtx(
         struct WOLFSSL* ssl,
-        User_SCEPKCbInfo* info);
+        FSPSM_ST* info);
 
-WOLFSSL_LOCAL int wc_sce_generateVerifyData(
+WOLFSSL_LOCAL int wc_fspsm_generateVerifyData(
         const uint8_t*  ms, /* master secret */
         const uint8_t*  side,
         const uint8_t*  handshake_hash,
         uint8_t*        hashes /* out */);
 
-WOLFSSL_LOCAL int wc_sce_generateSessionKey(
+WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(
         struct WOLFSSL*   ssl,
-        User_SCEPKCbInfo* cbInfo, 
+        FSPSM_ST* cbInfo,
         int               devId);
-        
-WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
+
+WOLFSSL_LOCAL int wc_fspsm_generateMasterSecret(
         uint8_t        cipherSuiteFirst,
         uint8_t        cipherSuite,
         const uint8_t *pr, /* pre-master    */
@@ -240,39 +238,50 @@ WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
         const uint8_t *sr, /* server random */
         uint8_t *ms);
 
-WOLFSSL_LOCAL int wc_SCE_RsaVerify(struct WOLFSSL* ssl, byte* sig, uint32_t sigSz,
-        uint8_t** out, const byte* key, uint32_t keySz, void* ctx);
-WOLFSSL_LOCAL int wc_SCE_EccVerify(struct WOLFSSL* ssl, const uint8_t* sig, uint32_t sigSz,
-        const uint8_t* hash, uint32_t hashSz, const uint8_t* key, uint32_t keySz,
-        int* result, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_RsaVerifyTLS(struct WOLFSSL* ssl, byte* sig,
+                        uint32_t sigSz, uint8_t** out,
+                        const byte* key, uint32_t keySz, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_EccVerifyTLS(struct WOLFSSL* ssl,
+                        const uint8_t* sig, uint32_t sigSz,
+                        const uint8_t* hash, uint32_t hashSz,
+                        const uint8_t* key, uint32_t keySz,
+                        int* result, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_tls_CertVerify(
+        const uint8_t* cert,       uint32_t certSz,
+        const uint8_t* signature,  uint32_t sigSz,
+        uint32_t      key_n_start,uint32_t key_n_len,
+        uint32_t      key_e_start,uint32_t key_e_len,
+        uint8_t*      fspsm_encPublickey);
+
 /* Callback for EccShareSecret */
-WOLFSSL_LOCAL int SCE_EccSharedSecret(struct WOLFSSL* ssl, struct ecc_key* otherKey,
-        uint8_t* pubKeyDer, unsigned int* pubKeySz,
-        uint8_t* out, unsigned int* outlen, int side, void* ctx);
+WOLFSSL_LOCAL int fspsm_EccSharedSecret(struct WOLFSSL* ssl,
+            struct ecc_key* otherKey,
+            uint8_t* pubKeyDer, unsigned int* pubKeySz,
+            uint8_t* out, unsigned int* outlen, int side, void* ctx);
 
 /* user API */
-WOLFSSL_API void wc_sce_inform_user_keys(
+WOLFSSL_API void FSPSM_INFORM_FUNC(
     uint8_t*     encrypted_provisioning_key,
     uint8_t*     iv,
     uint8_t*     encrypted_user_tls_key,
     uint32_t    encrypted_user_tls_key_type);
 
-WOLFSSL_API void wc_sce_set_callbacks(struct WOLFSSL_CTX* ctx);
-WOLFSSL_API int  wc_sce_set_callback_ctx(struct WOLFSSL* ssl, void* user_ctx);
-WOLFSSL_API void wc_sce_inform_cert_sign(const uint8_t *sign);
+WOLFSSL_API void FSPSM_CALLBACK_FUNC(struct WOLFSSL_CTX* ctx);
+WOLFSSL_API int  FSPSM_CALLBACK_CTX_FUNC(struct WOLFSSL* ssl, void* user_ctx);
+WOLFSSL_API void FSPSM_INFORM_CERT_SIGN(const uint8_t *sign);
 
 /* rsa */
 struct RsaKey;
 struct WC_RNG;
-WOLFSSL_API int  wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
+WOLFSSL_API int  wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
     word32 outLen, int type, struct RsaKey* key, struct WC_RNG* rng, void* ctx);
-WOLFSSL_API int  wc_sce_MakeRsaKey(int size, void* ctx);
-WOLFSSL_API int  wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
+WOLFSSL_API int  wc_fspsm_MakeRsaKey(int size, void* ctx);
+WOLFSSL_API int  wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out,
                     word32* outLen, struct RsaKey* key, void* ctx);
-WOLFSSL_API int  wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
+WOLFSSL_API int  wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out,
                     word32* outLen,struct RsaKey* key, void* ctx);
 
-#endif  /* WOLFSSL_RENESAS_SCEPROTECT && 
-         * !WOLFSSL_RENESAS_SCEPROTECT_CRYPT_ONLY */
+#endif  /* WOLFSSL_RENESAS_FSPSM_TLS && 
+         * !WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY */
 
-#endif  /* __RENESAS_SCE_CRYPT_H__ */
+#endif  /* __RENESAS_FSPSM_CRYPT_H__ */

wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h

@@ -0,0 +1,152 @@
+/* renesas-fsp-crypt.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef __RENESAS_FSP_CRYPT_H__
+#define __RENESAS_FSP_CRYPT_H__
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/logging.h>
+
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+
+#    include "r_sce.h"
+
+#define FSPSM_W_KEYVAR          renesas_sce_wrappedkey
+#define FSPSM_tls_flg_ST        sce_keyflgs_tls
+#define FSPSM_key_flg_ST        sce_keyflgs_cryt
+#define FSPSM_tag_ST            tagUser_SCEPKCbInfo
+#define FSPSM_ST                User_SCEPKCbInfo
+#define FSPSM_ST_PKC            SCE_PKCbInfo
+
+/* map SCE API to macro */
+#define FSPSM_INSTANCE          sce_instance_ctrl_t
+#define gFSPSM_ctrl             sce_ctrl
+#define FSPSM_CONFIG            sce_cfg_t
+#define gFSPSM_cfg              sce_cfg
+#define FSPSM_OPEN              R_SCE_Open
+#define FSPSM_CLOSE             R_SCE_Close
+
+#define FSPSM_ROOTCA_RSA2048    R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall
+#define FSPSM_TLS_SVRKEYExVfy   R_SCE_TLS_ServerKeyExchangeVerify
+#define FSPSM_TLS_ECCS256R1_KPG \
+                        R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate
+#define FSPSM_TLS_PREMASTERGEN \
+                        R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1
+/* hmac */
+#define FSPSM_S256HMAC_GInt   R_SCE_SHA256HMAC_GenerateInit
+#define FSPSM_S256HMAC_GUp    R_SCE_SHA256HMAC_GenerateUpdate
+#define FSPSM_S256HMAC_GFnl   R_SCE_SHA256HMAC_GenerateFinal
+#define FSPSM_S256HMAC_VInt   R_SCE_SHA256HMAC_VerifyInit
+#define FSPSM_S256HMAC_VUp    R_SCE_SHA256HMAC_VerifyUpdate
+#define FSPSM_S256HMAC_VFnl   R_SCE_SHA256HMAC_VerifyFinal
+#define FSPSM_HMAC_HANDLE     sce_hmac_sha_handle_t
+#define FSPSM_HMAC_WKEY       sce_hmac_sha_wrapped_key_t
+
+/* TLS */
+#define FSPSM_SESSIONKEY_GEN_FUNC R_SCE_TLS_SessionKeyGenerate
+#define FSPSM_MASTERSECRET_GEN_FUNC R_SCE_TLS_MasterSecretGenerate
+#define FSPSM_PREGEN_FUNC       R_SCE_TLS_PreMasterSecretGenerateForRSA2048
+#define FSPSM_PREGENENC_FUNC    R_SCE_TLS_PreMasterSecretEncryptWithRSA2048
+
+/* certificate */
+#define FSPSM_TLSCERT_VRY       R_SCE_TLS_CertificateVerify
+#define FSPSM_TLSROOTCERT_VRY   R_SCE_TLS_RootCertificateVerify
+#define FSPSM_CACERT_PUB_WKEY   sce_tls_ca_certification_public_wrapped_key_t
+
+/* verify data */
+#define FSPSM_VERIFY_DATA_FUNC  R_SCE_TLS_VerifyDataGenerate
+
+/* aes */
+#define FSPSM_AES_WKEY          sce_aes_wrapped_key_t
+#define FSPSM_AESGCM_HANDLE     sce_gcm_handle_t
+#define FSPSM_AES_HANDLE        sce_aes_handle_t
+/* aes 128 cbc */
+#define FSPSM_AES128CBCEnc_Init    R_SCE_AES128CBC_EncryptInit
+#define FSPSM_AES128CBCEnc_Up      R_SCE_AES128CBC_EncryptUpdate
+#define FSPSM_AES128CBCEnc_Final   R_SCE_AES128CBC_EncryptFinal
+#define FSPSM_AES128CBCDec_Init    R_SCE_AES128CBC_DecryptInit
+#define FSPSM_AES128CBCDec_Up      R_SCE_AES128CBC_DecryptUpdate
+#define FSPSM_AES128CBCDec_Final   R_SCE_AES128CBC_DecryptFinal
+
+/* aes 256 cbc */
+#define FSPSM_AES256CBCEnc_Init    R_SCE_AES256CBC_EncryptInit
+#define FSPSM_AES256CBCEnc_Up      R_SCE_AES256CBC_EncryptUpdate
+#define FSPSM_AES256CBCEnc_Final   R_SCE_AES256CBC_EncryptFinal
+#define FSPSM_AES256CBCDec_Init    R_SCE_AES256CBC_DecryptInit
+#define FSPSM_AES256CBCDec_Up      R_SCE_AES256CBC_DecryptUpdate
+#define FSPSM_AES256CBCDec_Final   R_SCE_AES256CBC_DecryptFinal
+
+/* aes128 gcm */
+#define FSPSM_AES128GCMEnc_Init    R_SCE_AES128GCM_EncryptInit
+#define FSPSM_AES128GCMEnc_Up      R_SCE_AES128GCM_EncryptUpdate
+#define FSPSM_AES128GCMEnc_Final   R_SCE_AES128GCM_EncryptFinal
+#define FSPSM_AES128GCMDec_Init    R_SCE_AES128GCM_DecryptInit
+#define FSPSM_AES128GCMDec_Up      R_SCE_AES128GCM_DecryptUpdate
+#define FSPSM_AES128GCMDec_Final   R_SCE_AES128GCM_DecryptFinal
+
+/* aes256 gcm */
+#define FSPSM_AES256GCMEnc_Init    R_SCE_AES256GCM_EncryptInit
+#define FSPSM_AES256GCMEnc_Up      R_SCE_AES256GCM_EncryptUpdate
+#define FSPSM_AES256GCMEnc_Final   R_SCE_AES256GCM_EncryptFinal
+#define FSPSM_AES256GCMDec_Init    R_SCE_AES256GCM_DecryptInit
+#define FSPSM_AES256GCMDec_Up      R_SCE_AES256GCM_DecryptUpdate
+#define FSPSM_AES256GCMDec_Final   R_SCE_AES256GCM_DecryptFinal
+
+/* rsa */
+/* rsa data */
+#define FSPSM_RSA_DATA          sce_rsa_byte_data_t
+/* rsa 1024 key */
+#define FSPSM_RSA1024_WPA_KEY   sce_rsa1024_wrapped_pair_key_t
+#define FSPSM_RSA1024_WPB_KEY   sce_rsa1024_public_wrapped_key_t
+#define FSPSM_RSA1024_WPI_KEY   sce_rsa1024_private_wrapped_key_t
+/* rsa 2048 key */
+#define FSPSM_RSA2048_WPA_KEY   sce_rsa2048_wrapped_pair_key_t
+#define FSPSM_RSA2048_WPB_KEY   sce_rsa2048_public_wrapped_key_t
+#define FSPSM_RSA2048_WPI_KEY   sce_rsa2048_private_wrapped_key_t
+
+/* rsa key gen */
+#define FSPSM_RSA1024_KEYPA_GEN R_SCE_RSA1024_WrappedKeyPairGenerate
+#define FSPSM_RSA2048_KEYPA_GEN R_SCE_RSA2048_WrappedKeyPairGenerate
+
+/* rsa function */
+#define FSPSM_RSA1024_PKCSENC_FUNC R_SCE_RSAES_PKCS1024_Encrypt
+#define FSPSM_RSA2048_PKCSENC_FUNC R_SCE_RSAES_PKCS2048_Encrypt
+#define FSPSM_RSA1024_PKCSDEC_FUNC R_SCE_RSAES_PKCS1024_Decrypt
+#define FSPSM_RSA2048_PKCSDEC_FUNC R_SCE_RSAES_PKCS2048_Decrypt
+#define FSPSM_RSA1024_SIGN_FUNC R_SCE_RSASSA_PKCS1024_SignatureGenerate
+#define FSPSM_RSA2048_SIGN_FUNC R_SCE_RSASSA_PKCS2048_SignatureGenerate
+#define FSPSM_RSA1024_VRY_FUNC R_SCE_RSASSA_PKCS1024_SignatureVerify
+#define FSPSM_RSA2048_VRY_FUNC R_SCE_RSASSA_PKCS2048_SignatureVerify
+/* sha */
+#define FSPSM_SHA_HANDLE    sce_sha_md5_handle_t
+#define FSPSM_SHA256_Init   R_SCE_SHA256_Init
+#define FSPSM_SHA256_Up     R_SCE_SHA256_Update
+#define FSPSM_SHA256_Final  R_SCE_SHA256_Final
+
+/* user API */
+#define FSPSM_INFORM_FUNC       wc_sce_inform_user_keys
+#define FSPSM_CALLBACK_FUNC     wc_sce_set_callbacks
+#define FSPSM_CALLBACK_CTX_FUNC wc_sce_set_callback_ctx
+#define FSPSM_INFORM_CERT_SIGN  wc_sce_inform_cert_sign
+
+#endif
+
+#endif /* __RENESAS_FSP_CRYPT_H__ */

wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h

@@ -75,4 +75,8 @@ int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
         word32 key_e_len, word32 cm_row);
 WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl);
 WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx);
+WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
+                            const byte *handshake_hash, word32 hashSz,
+                            byte *hashes, void* ctx);
+WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx);
 #endif /* __RENESAS_CMN_H__ */

wolfssl/wolfcrypt/settings.h

@@ -417,15 +417,15 @@
 #endif
 
 #if defined(WOLFSSL_RENESAS_SCEPROTECT)
-    #define SCE_TLS_MASTERSECRET_SIZE         80  /* 20 words */
+    #define FSPSM_TLS_MASTERSECRET_SIZE         80  /* 20 words */
     #define TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE  64
-    #define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560 /* in bytes */
-    #define SCE_TLS_CLIENTRANDOM_SZ           36  /* in bytes */
-    #define SCE_TLS_SERVERRANDOM_SZ           36  /* in bytes */
-    #define SCE_TLS_ENCRYPTED_ECCPUBKEY_SZ    96  /* in bytes */
+    #define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560   /* in bytes */
+    #define FSPSM_TLS_CLIENTRANDOM_SZ           36  /* in bytes */
+    #define FSPSM_TLS_SERVERRANDOM_SZ           36  /* in bytes */
+    #define FSPSM_TLS_ENCRYPTED_ECCPUBKEY_SZ    96  /* in bytes */
 
-    #define WOLFSSL_RENESAS_SCEPROTECT_ECC
-    #if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
+    #define WOLFSSL_RENESAS_FSPSM_ECC
+    #if defined(WOLFSSL_RENESAS_FSPSM_ECC)
         #define HAVE_PK_CALLBACKS
         /* #define DEBUG_PK_CB */
     #endif

wolfssl/wolfcrypt/sha256.h

@@ -134,10 +134,9 @@ enum {
        defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
    !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
     #include "wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h"
-#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
-        defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
-   !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
-    #include "wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h"
+#elif defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+     !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+    #include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
 #elif defined(WOLFSSL_RENESAS_RX64_HASH)
     #include "wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h"
 #else