path: root/components/service/crypto/client/cpp/crypto_client.h
/*
 * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#ifndef CRYPTO_CLIENT_H
#define CRYPTO_CLIENT_H

#include <cstdint>
#include <psa/crypto.h>
#include <service/crypto/protobuf/key_attributes.pb.h>


/* Forward declaration: this header only uses pointers to rpc_caller, so the
 * full definition is not needed here. */
struct rpc_caller;

/** Provides a client interface for accessing an instance of the PSA Crypto service.
 *
 * The method names and parameter lists follow the PSA Crypto API functions of
 * the same name (psa_generate_key(), psa_export_key(), ...). Only declarations
 * are visible in this header, so notes that go beyond the signatures are marked
 * as assumptions to confirm against the implementation.
 *
 * Buffer convention (taken from PSA Crypto API naming - TODO confirm here):
 * for output buffers, *_size is the capacity of the caller's buffer in bytes
 * and *_length receives the number of bytes written; for input buffers,
 * *_length is the number of valid bytes.
 *
 * NOTE(review): the class stores a raw rpc_caller pointer and declares no copy
 * operations, so the compiler-generated copy constructor and assignment copy
 * that pointer. Whether the rpc_caller is owned or borrowed is not visible
 * here; presumably it must outlive every crypto_client that refers to it.
 **/
class crypto_client
{
public:
    /* Construct a client that uses the given RPC caller.
     * NOTE(review): this single-argument constructor is not marked explicit,
     * so a struct rpc_caller * converts implicitly to a crypto_client. */
    crypto_client(struct rpc_caller *caller);
    virtual ~crypto_client();

    /* Returns an RPC-layer status as an int. Presumably this is the value held
     * in m_err_rpc_status and reflects the most recent call - confirm. It is a
     * separate channel from the psa_status_t returned by each operation, which
     * lets a caller tell a transport failure from a service-side rejection. */
    int err_rpc_status() const;

    /* Key lifecycle methods */

    /* Generate a key described by *attributes; *handle receives the key handle.
     * In the PSA Crypto API the usage flags in the attributes fix what the key
     * may later be used for (for example, export needs PSA_KEY_USAGE_EXPORT). */
    psa_status_t generate_key(const psa_key_attributes_t *attributes, psa_key_handle_t *handle);
    /* Destroy the key referred to by handle. */
    psa_status_t destroy_key(psa_key_handle_t handle);
    /* Open an existing key by its identifier; *handle receives the key handle. */
    psa_status_t open_key(psa_key_id_t id, psa_key_handle_t *handle);
    /* Close a handle previously obtained from this client. */
    psa_status_t close_key(psa_key_handle_t handle);
    /* Import caller-supplied key material (data, data_length bytes) under the
     * given attributes; *handle receives the key handle. The caller's copy of
     * the material stays in its own memory and is the caller's to erase. */
    psa_status_t import_key(const psa_key_attributes_t *attributes,
                            const uint8_t *data, size_t data_length, psa_key_handle_t *handle);

    /* Key export methods */

    /* Export key material into data (capacity data_size); *data_length receives
     * the exported length. For a private or symmetric key this places secret
     * material in caller memory, so the buffer should be erased after use.
     * In the PSA Crypto API export is only permitted for keys whose policy
     * includes PSA_KEY_USAGE_EXPORT - enforcement is not visible in this header. */
    psa_status_t export_key(psa_key_handle_t handle,
                            uint8_t *data, size_t data_size,
                            size_t *data_length);
    /* Export the public part of a key into data (capacity data_size);
     * *data_length receives the exported length. */
    psa_status_t export_public_key(psa_key_handle_t handle,
                            uint8_t *data, size_t data_size, size_t *data_length);

    /* Sign/verify methods */

    /* Sign an already-computed hash with the key and algorithm given. The
     * signature is written to signature (capacity signature_size) and
     * *signature_length receives its length. */
    psa_status_t sign_hash(psa_key_handle_t handle, psa_algorithm_t alg,
                            const uint8_t *hash, size_t hash_length,
                            uint8_t *signature, size_t signature_size, size_t *signature_length);
    /* Verify signature over an already-computed hash. The result is carried
     * only in the return status: callers should accept the signature solely on
     * PSA_SUCCESS and treat every other value, including RPC-related failures,
     * as "not verified". */
    psa_status_t verify_hash(psa_key_handle_t handle, psa_algorithm_t alg,
                            const uint8_t *hash, size_t hash_length,
                            const uint8_t *signature, size_t signature_length);

    /* Asymmetric encrypt/decrypt */

    /* Encrypt input with the key and algorithm given, writing to output
     * (capacity output_size); *output_length receives the ciphertext length.
     * salt/salt_length are passed through as in psa_asymmetric_encrypt(),
     * where the salt is optional - TODO confirm a null salt is accepted here. */
    psa_status_t asymmetric_encrypt(psa_key_handle_t handle, psa_algorithm_t alg,
                            const uint8_t *input, size_t input_length,
                            const uint8_t *salt, size_t salt_length,
                            uint8_t *output, size_t output_size, size_t *output_length);
    /* Decrypt input with the key and algorithm given, writing the plaintext to
     * output (capacity output_size); *output_length receives its length. The
     * salt parameters mirror asymmetric_encrypt(). */
    psa_status_t asymmetric_decrypt(psa_key_handle_t handle, psa_algorithm_t alg,
                            const uint8_t *input, size_t input_length,
                            const uint8_t *salt, size_t salt_length,
                            uint8_t *output, size_t output_size, size_t *output_length);

    /* Random number generation */

    /* Request output_size random bytes into output. The return status should
     * be checked before the buffer is used: what the buffer holds after a
     * failure is not specified by this header. */
    psa_status_t generate_random(uint8_t *output, size_t output_size);

protected:
    /* Default construction is reserved for derived classes, which can supply
     * the RPC caller later through set_caller(). What m_caller holds before
     * that call depends on the constructor body, which is not visible here. */
    crypto_client();
    /* Replace the RPC caller pointer; no validation is done on the argument. */
    void set_caller(struct rpc_caller *caller) {m_caller = caller;}

private:

    /* Fill the protobuf message proto_attributes (output, non-const reference)
     * from the PSA key attributes psa_attributes (input, const reference). */
    void translate_key_attributes(ts_crypto_KeyAttributes &proto_attributes,
                            const psa_key_attributes_t &psa_attributes);

    /* RPC caller set by the constructor or set_caller(); raw pointer, ownership
     * not expressed in this header. */
    struct rpc_caller *m_caller;
    /* Presumably the status reported by err_rpc_status() - confirm. */
    int m_err_rpc_status;
};

#endif /* CRYPTO_CLIENT_H */