Hardware-Accelerator Crypto

[maxgerhardt]

On the Uno R4 WiFi, I'd like to make use of the Renesas' chips SCE (Secure Cryptography Engine). According to the .h file, the chip does that peripheral.

ArduinoCore-renesas/variants/UNOWIFIR4/includes/ra/fsp/src/bsp/mcu/ra4m1/bsp_feature.h

Lines 97 to 99 in 80faaf8

	#define BSP_FEATURE_BSP_HAS_SCE5 (1)
	#define BSP_FEATURE_CRYPTO_HAS_SCE5B (0)
	#define BSP_FEATURE_CRYPTO_HAS_SCE5 (1)

In docs:

And r_sce_if.h seems to be the main header that declares the availble functions.

Creating a new .c file and writing a small test program

#include <r_sce_if.h>

void test() {
    const char* msg = "Hello";
    sce_sha_md5_handle_t ctx;
    uint8_t sha256_out[256 / 8];
    uint32_t digestLen = 256/8;
    HW_SCE_McuSpecificInit();
    HW_SCE_Sha256Init(&ctx);
    HW_SCE_Sha256Update(&ctx, (uint8_t*)msg, strlen(msg));
    HW_SCE_Sha256Final(&ctx, sha256_out, &digestLen);

    printf("Hash: ");
    for(int i=0; i < 256/8; i++) printf("%02x", sha256_out[i]);
    printf("\n");
}

fails at the linking stage with

main.c:(.text.test+0xe): undefined reference to `HW_SCE_Sha256Init'
main.c:(.text.test+0x20): undefined reference to `HW_SCE_Sha256Update'
main.c:(.text.test+0x2a): undefined reference to `HW_SCE_Sha256Final'

Some related datasheets very unhelpfully say

And the implementation of HW_SCE_Sha256Init() and related is nowhere to be found in the FSP (neither v4.0 that you used for this core nor the current version).

Am I blind or do I have to sign a freaking NDA with Renesas to use the crypto accelerator hardware in a chip I already paid money for?

[facchinm]

Hi @maxgerhardt ,
the R4 only supports AES but for some reason the symbols are declared with a Sub suffix 🕵️

nm variants/UNOWIFIR4/libs/libfsp.a | grep HW_SCE

will show you all the APIs compiled in, and the output is like

00000001 T HW_SCE_SelfCheck1SubSub
00000001 T HW_SCE_SelfCheck2SubSub
00000001 T HW_SCE_Aes192EncryptDecryptFinalSub
00000001 T HW_SCE_Aes192EncryptDecryptInitSub
00000001 T HW_SCE_Aes192EncryptDecryptUpdateSub
00000001 T HW_SCE_Aes192GcmDecryptFinalSub
00000001 T HW_SCE_Aes192GcmDecryptInitSub
00000001 T HW_SCE_Aes192GcmDecryptUpdateAADSub
00000001 T HW_SCE_Aes192GcmDecryptUpdateSub
00000001 T HW_SCE_Aes192GcmDecryptUpdateTransitionSub
00000001 T HW_SCE_Aes192GcmEncryptFinalSub
00000001 T HW_SCE_Aes192GcmEncryptInitSub
00000001 T HW_SCE_Aes192GcmEncryptUpdateAADSub
00000001 T HW_SCE_Aes192GcmEncryptUpdateSub
00000001 T HW_SCE_Aes192GcmEncryptUpdateTransitionSub
         U HW_SCE_GenerateAes128PlainKeyIndexSub
         U HW_SCE_GenerateAes256PlainKeyIndexSub
00000001 T HW_SCE_GenerateOemKeyIndexPrivate
         U HW_SCE_GenerateRandomNumberSub
00000001 T HW_SCE_McuSpecificInit
00000001 T HW_SCE_RNG_Read
         U HW_SCE_SelfCheck1Sub
         U HW_SCE_SelfCheck2Sub
         U HW_SCE_SoftwareResetSub

[maxgerhardt]

You're right, I misread "GHASH" as general hash, but it's 'just' the hash function used in the AES-GCM mode. Also.. it only seems to have the GCM mode, not an other mode (ECB, CBC, ...). That's really weird.

In any case, I think I should file this in the FSP repo first, then we can maybe update here. It'd be nice to take full advantage of the crypto acceleration this chip does have. Will reopen as needed.