Replace mbedcrypto dependency with Mbed TLS

Mbedcrypto as a separate project is deprecated, it was merged back to
Mbed TLS. This commit updates the external dependency to use Mbed TLS.
Since the current version of Mbed TLS uses the PSA Crypto API v1.0.0,
the commit also makes the necessary changes to get in sync with this.

Mbed TLS is capable of building three different libraries, but we only
need libmbedcrypto.a out of these. An extra step is added to configure
Mbed TLS to only produce this one, to shorten the build time.

Mbed TLS provides a method to override the necessary options of its
built-in default config, instead of providing a complete customized
config file. This makes the config easier to read, since only those
options are captured where we want to differ from the default. The
current full config file is removed and replaced using this format.

The changes introduced to get compatible with PSA Crypto API v1.0.0:

* The psa_open_key() and psa_close_key() functions were removed from the
  API specification, remove all references from the code.

* The key identifier and key handle concepts were merged in the API,
  replace all uses of psa_key_handle_t with psa_key_id_t.

* Several internal implementation macros were removed from the API.
  Remove these from the code and replace with API macros where
  necessary.

* The PSA_ALG_xxx and PSA_KEY_USAGE_xxx macros have new values in the
  API, update the code to reflect these changes.

* The PSA_ECC_xxx and PSA_DH_xxx macros were renamed in the API. Update
  the code to reflect these changes.

Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Change-Id: I4d721717d9ff33b6bac85cfcb482ea719bec1b31
diff --git a/protocols/service/crypto/packed-c/asymmetric_decrypt.h b/protocols/service/crypto/packed-c/asymmetric_decrypt.h
index 04c2c6a..ec78314 100644
--- a/protocols/service/crypto/packed-c/asymmetric_decrypt.h
+++ b/protocols/service/crypto/packed-c/asymmetric_decrypt.h
@@ -11,7 +11,7 @@
 /* Mandatory fixed sized input parameters */
 struct __attribute__ ((__packed__)) ts_crypto_asymmetric_decrypt_in
 {
-  uint32_t handle;
+  uint32_t id;
   uint32_t alg;
 };
 
diff --git a/protocols/service/crypto/packed-c/asymmetric_encrypt.h b/protocols/service/crypto/packed-c/asymmetric_encrypt.h
index 9854a95..3d21962 100644
--- a/protocols/service/crypto/packed-c/asymmetric_encrypt.h
+++ b/protocols/service/crypto/packed-c/asymmetric_encrypt.h
@@ -11,7 +11,7 @@
 /* Mandatory fixed sized input parameters */
 struct __attribute__ ((__packed__)) ts_crypto_asymmetric_encrypt_in
 {
-  uint32_t handle;
+  uint32_t id;
   uint32_t alg;
 };
 
diff --git a/protocols/service/crypto/packed-c/close_key.h b/protocols/service/crypto/packed-c/close_key.h
deleted file mode 100644
index db66c18..0000000
--- a/protocols/service/crypto/packed-c/close_key.h
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
- * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef TS_CRYPTO_CLOSE_KEY_H
-#define TS_CRYPTO_CLOSE_KEY_H
-
-#include <stdint.h>
-
-/* Mandatory fixed sized input parameters */
-struct __attribute__ ((__packed__)) ts_crypto_close_key_in
-{
-  uint32_t handle;
-};
-
-#endif /* TS_CRYPTO_CLOSE_KEY_H */
\ No newline at end of file
diff --git a/protocols/service/crypto/packed-c/destroy_key.h b/protocols/service/crypto/packed-c/destroy_key.h
index c14d9ea..7de371f 100644
--- a/protocols/service/crypto/packed-c/destroy_key.h
+++ b/protocols/service/crypto/packed-c/destroy_key.h
@@ -11,7 +11,7 @@
 /* Mandatory fixed sized input parameters */
 struct __attribute__ ((__packed__)) ts_crypto_destroy_key_in
 {
-  uint32_t handle;
+  uint32_t id;
 };
 
 #endif /* TS_CRYPTO_DESTROY_KEY_H */
diff --git a/protocols/service/crypto/packed-c/export_key.h b/protocols/service/crypto/packed-c/export_key.h
index 3cc0a3c..7f8813a 100644
--- a/protocols/service/crypto/packed-c/export_key.h
+++ b/protocols/service/crypto/packed-c/export_key.h
@@ -11,7 +11,7 @@
 /* Mandatory fixed sized input parameters */
 struct __attribute__ ((__packed__)) ts_crypto_export_key_in
 {
-  uint32_t handle;
+  uint32_t id;
 };
 
 /* Variable length output parameter tags */
diff --git a/protocols/service/crypto/packed-c/export_public_key.h b/protocols/service/crypto/packed-c/export_public_key.h
index 0644e22..18050f3 100644
--- a/protocols/service/crypto/packed-c/export_public_key.h
+++ b/protocols/service/crypto/packed-c/export_public_key.h
@@ -11,7 +11,7 @@
 /* Mandatory fixed sized input parameters */
 struct __attribute__ ((__packed__)) ts_crypto_export_public_key_in
 {
-  uint32_t handle;
+  uint32_t id;
 };
 
 /* Variable length output parameter tags */
diff --git a/protocols/service/crypto/packed-c/generate_key.h b/protocols/service/crypto/packed-c/generate_key.h
index 828cf69..40fe9cb 100644
--- a/protocols/service/crypto/packed-c/generate_key.h
+++ b/protocols/service/crypto/packed-c/generate_key.h
@@ -18,7 +18,7 @@
 /* Mandatory fixed sized output parameters */
 struct __attribute__ ((__packed__)) ts_crypto_generate_key_out
 {
-  uint32_t handle;
+  uint32_t id;
 };
 
 #endif /* TS_CRYPTO_GENERATE_KEY_H */
diff --git a/protocols/service/crypto/packed-c/import_key.h b/protocols/service/crypto/packed-c/import_key.h
index 810151e..146c0eb 100644
--- a/protocols/service/crypto/packed-c/import_key.h
+++ b/protocols/service/crypto/packed-c/import_key.h
@@ -24,7 +24,7 @@
 /* Mandatory fixed sized output parameters */
 struct __attribute__ ((__packed__)) ts_crypto_import_key_out
 {
-  uint32_t handle;
+  uint32_t id;
 };
 
 #endif /* TS_CRYPTO_IMPORT_KEY_H */
diff --git a/protocols/service/crypto/packed-c/key_attributes.h b/protocols/service/crypto/packed-c/key_attributes.h
index 881a8f5..473813b 100644
--- a/protocols/service/crypto/packed-c/key_attributes.h
+++ b/protocols/service/crypto/packed-c/key_attributes.h
@@ -20,73 +20,54 @@
 #define TS_CRYPTO_KEY_TYPE_CHACHA20               (0x2004)
 #define TS_CRYPTO_KEY_TYPE_RSA_PUBLIC_KEY         (0x4001)
 #define TS_CRYPTO_KEY_TYPE_RSA_KEY_PAIR           (0x7001)
-#define TS_CRYPTO_KEY_TYPE_ECC_PUBLIC_KEY_BASE    (0x4100)
-#define TS_CRYPTO_KEY_TYPE_ECC_KEY_PAIR_BASE      (0x7100)
-#define TS_CRYPTO_KEY_TYPE_ECC_CURVE_MASK         (0x00ff)
-#define TS_CRYPTO_KEY_TYPE_DH_PUBLIC_KEY_BASE     (0x4200)
-#define TS_CRYPTO_KEY_TYPE_DH_KEY_PAIR_BASE       (0x7200)
-#define TS_CRYPTO_KEY_TYPE_DH_GROUP_MASK          (0x00ff)
 
 /* ECC curves for use with ECC Key types */
-#define TS_CRYPTO_ECC_CURVE_NONE                  (0x00)
-#define TS_CRYPTO_ECC_CURVE_SECP_K1               (0x17)
-#define TS_CRYPTO_ECC_CURVE_SECP_R1               (0x12)
-#define TS_CRYPTO_ECC_CURVE_SECP_R2               (0x1b)
-#define TS_CRYPTO_ECC_CURVE_SECT_K1               (0x27)
-#define TS_CRYPTO_ECC_CURVE_SECT_R1               (0x22)
-#define TS_CRYPTO_ECC_CURVE_SECT_R2               (0x2b)
-#define TS_CRYPTO_ECC_CURVE_BRAINPOOL_P_R1        (0x30)
-#define TS_CRYPTO_ECC_CURVE_MONTGOMERY            (0x41)
+#define TS_CRYPTO_ECC_FAMILY_NONE                 (0x00)
+#define TS_CRYPTO_ECC_FAMILY_SECP_K1              (0x17)
+#define TS_CRYPTO_ECC_FAMILY_SECP_R1              (0x12)
+#define TS_CRYPTO_ECC_FAMILY_SECP_R2              (0x1b)
+#define TS_CRYPTO_ECC_FAMILY_SECT_K1              (0x27)
+#define TS_CRYPTO_ECC_FAMILY_SECT_R1              (0x22)
+#define TS_CRYPTO_ECC_FAMILY_SECT_R2              (0x2b)
+#define TS_CRYPTO_ECC_FAMILY_BRAINPOOL_P_R1       (0x30)
+#define TS_CRYPTO_ECC_FAMILY_MONTGOMERY           (0x41)
 
 /* Diffie-Hellman groups for use with DH key types */
-#define TS_CRYPTO_DH_GROUP_NONE                   (0x00)
-#define TS_CRYPTO_DH_GROUP_RFC7919                (0x03)
+#define TS_CRYPTO_DH_FAMILY_NONE                  (0x00)
+#define TS_CRYPTO_DH_FAMILY_RFC7919               (0x03)
 
 /* Crypto algorithms */
 #define TS_CRYPTO_ALG_NONE                        (0x00000000)
-#define TS_CRYPTO_ALG_HASH_MASK                   (0x000000ff)
-#define TS_CRYPTO_ALG_MD2                         (0x01000001)
-#define TS_CRYPTO_ALG_MD4                         (0x01000002)
-#define TS_CRYPTO_ALG_MD5                         (0x01000003)
-#define TS_CRYPTO_ALG_RIPEMD160                   (0x01000004)
-#define TS_CRYPTO_ALG_SHA_1                       (0x01000005)
-#define TS_CRYPTO_ALG_SHA_224                     (0x01000008)
-#define TS_CRYPTO_ALG_SHA_256                     (0x01000009)
-#define TS_CRYPTO_ALG_SHA_384                     (0x0100000a)
-#define TS_CRYPTO_ALG_SHA_512                     (0x0100000b)
-#define TS_CRYPTO_ALG_SHA_512_224                 (0x0100000c)
-#define TS_CRYPTO_ALG_SHA_512_256                 (0x0100000d)
-#define TS_CRYPTO_ALG_SHA3_224                    (0x01000010)
-#define TS_CRYPTO_ALG_SHA3_256                    (0x01000011)
-#define TS_CRYPTO_ALG_SHA3_384                    (0x01000012)
-#define TS_CRYPTO_ALG_SHA3_512                    (0x01000013)
-#define TS_CRYPTO_ALG_CBC_MAC                     (0x02c00001)
-#define TS_CRYPTO_ALG_CMAC                        (0x02c00002)
-#define TS_CRYPTO_ALG_ARC4                        (0x04800001)
-#define TS_CRYPTO_ALG_CHACHA20                    (0x04800005)
-#define TS_CRYPTO_ALG_CTR                         (0x04c00001)
-#define TS_CRYPTO_ALG_CFB                         (0x04c00002)
-#define TS_CRYPTO_ALG_OFB                         (0x04c00003)
-#define TS_CRYPTO_ALG_XTS                         (0x044000ff)
-#define TS_CRYPTO_ALG_CBC_NO_PADDING              (0x04600100)
-#define TS_CRYPTO_ALG_CBC_PKCS7                   (0x04600101)
-#define TS_CRYPTO_ALG_AEAD_FROM_BLOCK_FLAG        (0x00400000)
-#define TS_CRYPTO_ALG_CCM                         (0x06401001)
-#define TS_CRYPTO_ALG_GCM                         (0x06401002)
-#define TS_CRYPTO_ALG_CHACHA20_POLY1305           (0x06001005)
-#define TS_CRYPTO_ALG_RSA_PKCS1V15_SIGN_BASE      (0x10020000)
-#define TS_CRYPTO_ALG_RSA_PSS_BASE                (0x10030000)
-#define TS_CRYPTO_ALG_ECDSA_BASE                  (0x10060000)
-#define TS_CRYPTO_ALG_DETERMINISTIC_ECDSA_BASE    (0x10070000)
-#define TS_CRYPTO_ALG_RSA_PKCS1V15_CRYPT          (0x12020000)
-#define TS_CRYPTO_ALG_RSA_OAEP_BASE               (0x12030000)
-#define TS_CRYPTO_ALG_HKDF_BASE                   (0x20000100)
-#define TS_CRYPTO_ALG_TLS12_PRF_BASE              (0x20000200)
-#define TS_CRYPTO_ALG_TLS12_PSK_TO_MS_BASE        (0x20000300)
-#define TS_CRYPTO_ALG_KEY_DERIVATION_MASK         (0x0803ffff)
-#define TS_CRYPTO_ALG_KEY_AGREEMENT_MASK          (0x10fc0000)
-#define TS_CRYPTO_ALG_FFDH                        (0x30100000)
-#define TS_CRYPTO_ALG_ECDH                        (0x30200000)
+#define TS_CRYPTO_ALG_MD2                         (0x02000001)
+#define TS_CRYPTO_ALG_MD4                         (0x02000002)
+#define TS_CRYPTO_ALG_MD5                         (0x02000003)
+#define TS_CRYPTO_ALG_RIPEMD160                   (0x02000004)
+#define TS_CRYPTO_ALG_SHA_1                       (0x02000005)
+#define TS_CRYPTO_ALG_SHA_224                     (0x02000008)
+#define TS_CRYPTO_ALG_SHA_256                     (0x02000009)
+#define TS_CRYPTO_ALG_SHA_384                     (0x0200000a)
+#define TS_CRYPTO_ALG_SHA_512                     (0x0200000b)
+#define TS_CRYPTO_ALG_SHA_512_224                 (0x0200000c)
+#define TS_CRYPTO_ALG_SHA_512_256                 (0x0200000d)
+#define TS_CRYPTO_ALG_SHA3_224                    (0x02000010)
+#define TS_CRYPTO_ALG_SHA3_256                    (0x02000011)
+#define TS_CRYPTO_ALG_SHA3_384                    (0x02000012)
+#define TS_CRYPTO_ALG_SHA3_512                    (0x02000013)
+#define TS_CRYPTO_ALG_CBC_MAC                     (0x03c00100)
+#define TS_CRYPTO_ALG_CMAC                        (0x03c00200)
+#define TS_CRYPTO_ALG_STREAM_CIPHER               (0x04800100)
+#define TS_CRYPTO_ALG_CTR                         (0x04c01000)
+#define TS_CRYPTO_ALG_CFB                         (0x04c01100)
+#define TS_CRYPTO_ALG_OFB                         (0x04c01200)
+#define TS_CRYPTO_ALG_XTS                         (0x0440ff00)
+#define TS_CRYPTO_ALG_CBC_NO_PADDING              (0x04404000)
+#define TS_CRYPTO_ALG_CBC_PKCS7                   (0x04404100)
+#define TS_CRYPTO_ALG_CCM                         (0x05500100)
+#define TS_CRYPTO_ALG_GCM                         (0x05500200)
+#define TS_CRYPTO_ALG_CHACHA20_POLY1305           (0x05100500)
+#define TS_CRYPTO_ALG_RSA_PKCS1V15_CRYPT          (0x07000200)
+#define TS_CRYPTO_ALG_FFDH                        (0x09010000)
+#define TS_CRYPTO_ALG_ECDH                        (0x09020000)
 
 /* Key lifetime */
 #define TS_CRYPTO_KEY_LIFETIME_VOLATILE           (0x00000000)
@@ -98,9 +79,9 @@
 #define TS_CRYPTO_KEY_USAGE_COPY                  (0x00000002)
 #define TS_CRYPTO_KEY_USAGE_ENCRYPT               (0x00000100)
 #define TS_CRYPTO_KEY_USAGE_DECRYPT               (0x00000200)
-#define TS_CRYPTO_KEY_USAGE_SIGN_HASH             (0x00000400)
-#define TS_CRYPTO_KEY_USAGE_VERIFY_HASH           (0x00000800)
-#define TS_CRYPTO_KEY_USAGE_DERIVE                (0x00001000)
+#define TS_CRYPTO_KEY_USAGE_SIGN_HASH             (0x00001000)
+#define TS_CRYPTO_KEY_USAGE_VERIFY_HASH           (0x00002000)
+#define TS_CRYPTO_KEY_USAGE_DERIVE                (0x00004000)
 
 /* Key policy to define what key can be used for */
 struct __attribute__ ((__packed__)) ts_crypto_key_policy
diff --git a/protocols/service/crypto/packed-c/opcodes.h b/protocols/service/crypto/packed-c/opcodes.h
index eee6ed7..f0102b0 100644
--- a/protocols/service/crypto/packed-c/opcodes.h
+++ b/protocols/service/crypto/packed-c/opcodes.h
@@ -12,8 +12,6 @@
 #define TS_CRYPTO_OPCODE_NOP                    (0x0000)
 #define TS_CRYPTO_OPCODE_GENERATE_KEY           (0x0101)
 #define TS_CRYPTO_OPCODE_DESTROY_KEY            (0x0102)
-#define TS_CRYPTO_OPCODE_OPEN_KEY               (0x0103)
-#define TS_CRYPTO_OPCODE_CLOSE_KEY              (0x0104)
 #define TS_CRYPTO_OPCODE_EXPORT_KEY             (0x0105)
 #define TS_CRYPTO_OPCODE_EXPORT_PUBLIC_KEY      (0x0106)
 #define TS_CRYPTO_OPCODE_IMPORT_KEY             (0x0107)
diff --git a/protocols/service/crypto/packed-c/open_key.h b/protocols/service/crypto/packed-c/open_key.h
deleted file mode 100644
index 68252ad..0000000
--- a/protocols/service/crypto/packed-c/open_key.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef TS_CRYPTO_OPEN_KEY_H
-#define TS_CRYPTO_OPEN_KEY_H
-
-#include <stdint.h>
-
-/* Mandatory fixed sized input parameters */
-struct __attribute__ ((__packed__)) ts_crypto_open_key_in
-{
-  uint32_t id;
-};
-
-/* Mandatory fixed sized output parameters */
-struct __attribute__ ((__packed__)) ts_crypto_open_key_out
-{
-  uint32_t handle;
-};
-
-#endif /* TS_CRYPTO_OPEN_KEY_H */
\ No newline at end of file
diff --git a/protocols/service/crypto/packed-c/sign_hash.h b/protocols/service/crypto/packed-c/sign_hash.h
index 762125c..6f4d574 100644
--- a/protocols/service/crypto/packed-c/sign_hash.h
+++ b/protocols/service/crypto/packed-c/sign_hash.h
@@ -11,7 +11,7 @@
 /* Mandatory fixed sized input parameters */
 struct __attribute__ ((__packed__)) ts_crypto_sign_hash_in
 {
-  uint32_t handle;
+  uint32_t id;
   uint32_t alg;
 };
 
diff --git a/protocols/service/crypto/packed-c/verify_hash.h b/protocols/service/crypto/packed-c/verify_hash.h
index fc3bbca..2650b2a 100644
--- a/protocols/service/crypto/packed-c/verify_hash.h
+++ b/protocols/service/crypto/packed-c/verify_hash.h
@@ -11,7 +11,7 @@
 /* Mandatory fixed sized input parameters */
 struct __attribute__ ((__packed__)) ts_crypto_verify_hash_in
 {
-  uint32_t handle;
+  uint32_t id;
   uint32_t alg;
 };
 
diff --git a/protocols/service/crypto/protobuf/asymmetric_decrypt.proto b/protocols/service/crypto/protobuf/asymmetric_decrypt.proto
index 0155c30..fecf7ed 100644
--- a/protocols/service/crypto/protobuf/asymmetric_decrypt.proto
+++ b/protocols/service/crypto/protobuf/asymmetric_decrypt.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -7,7 +7,7 @@
 package ts_crypto;
 
 message AsymmetricDecryptIn {
-  uint32 handle = 1;
+  uint32 id = 1;
   uint32 alg = 2;
   bytes ciphertext = 3;
   bytes salt = 4;
diff --git a/protocols/service/crypto/protobuf/asymmetric_encrypt.proto b/protocols/service/crypto/protobuf/asymmetric_encrypt.proto
index c85b9da..cb7a049 100644
--- a/protocols/service/crypto/protobuf/asymmetric_encrypt.proto
+++ b/protocols/service/crypto/protobuf/asymmetric_encrypt.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -7,7 +7,7 @@
 package ts_crypto;
 
 message AsymmetricEncryptIn {
-  uint32 handle = 1;
+  uint32 id = 1;
   uint32 alg = 2;
   bytes plaintext = 3;
   bytes salt = 4;
diff --git a/protocols/service/crypto/protobuf/close_key.proto b/protocols/service/crypto/protobuf/close_key.proto
deleted file mode 100644
index b9f5ea3..0000000
--- a/protocols/service/crypto/protobuf/close_key.proto
+++ /dev/null
@@ -1,11 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
- * SPDX-License-Identifier: BSD-3-Clause
- */
-syntax = "proto3";
-
-package ts_crypto;
-
-message CloseKeyIn {
-  uint32 handle = 1;
-}
diff --git a/protocols/service/crypto/protobuf/component.cmake b/protocols/service/crypto/protobuf/component.cmake
index 7583f18..377a971 100644
--- a/protocols/service/crypto/protobuf/component.cmake
+++ b/protocols/service/crypto/protobuf/component.cmake
@@ -1,5 +1,5 @@
 #-------------------------------------------------------------------------------
-# Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -12,8 +12,6 @@
 	"${CMAKE_CURRENT_LIST_DIR}/asymmetric_decrypt.proto"
 	"${CMAKE_CURRENT_LIST_DIR}/asymmetric_encrypt.proto"
 	"${CMAKE_CURRENT_LIST_DIR}/destroy_key.proto"
-	"${CMAKE_CURRENT_LIST_DIR}/open_key.proto"
-	"${CMAKE_CURRENT_LIST_DIR}/close_key.proto"
 	"${CMAKE_CURRENT_LIST_DIR}/export_key.proto"
 	"${CMAKE_CURRENT_LIST_DIR}/export_public_key.proto"
 	"${CMAKE_CURRENT_LIST_DIR}/generate_key.proto"
diff --git a/protocols/service/crypto/protobuf/destroy_key.proto b/protocols/service/crypto/protobuf/destroy_key.proto
index 8b718af..f6bd32c 100644
--- a/protocols/service/crypto/protobuf/destroy_key.proto
+++ b/protocols/service/crypto/protobuf/destroy_key.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -7,7 +7,7 @@
 package ts_crypto;
 
 message DestroyKeyIn {
-  uint32 handle = 1;
+  uint32 id = 1;
 }
 
 message DestroyKeyOut {}
diff --git a/protocols/service/crypto/protobuf/export_key.proto b/protocols/service/crypto/protobuf/export_key.proto
index 14cc6a9..d6c1105 100644
--- a/protocols/service/crypto/protobuf/export_key.proto
+++ b/protocols/service/crypto/protobuf/export_key.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -7,7 +7,7 @@
 package ts_crypto;
 
 message ExportKeyIn {
-  uint32 handle = 1;
+  uint32 id = 1;
 }
 
 message ExportKeyOut {
diff --git a/protocols/service/crypto/protobuf/export_public_key.proto b/protocols/service/crypto/protobuf/export_public_key.proto
index e844325..3802496 100644
--- a/protocols/service/crypto/protobuf/export_public_key.proto
+++ b/protocols/service/crypto/protobuf/export_public_key.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -7,7 +7,7 @@
 package ts_crypto;
 
 message ExportPublicKeyIn {
-  uint32 handle = 1;
+  uint32 id = 1;
 }
 
 message ExportPublicKeyOut {
diff --git a/protocols/service/crypto/protobuf/generate_key.proto b/protocols/service/crypto/protobuf/generate_key.proto
index 48025a6..ba5b897 100644
--- a/protocols/service/crypto/protobuf/generate_key.proto
+++ b/protocols/service/crypto/protobuf/generate_key.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -13,5 +13,5 @@
 }
 
 message GenerateKeyOut {
-  uint32 handle = 1;
+  uint32 id = 1;
 }
diff --git a/protocols/service/crypto/protobuf/import_key.proto b/protocols/service/crypto/protobuf/import_key.proto
index 727b2bc..767f6df 100644
--- a/protocols/service/crypto/protobuf/import_key.proto
+++ b/protocols/service/crypto/protobuf/import_key.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -14,5 +14,5 @@
 }
 
 message ImportKeyOut {
-  uint32 handle = 1;
+  uint32 id = 1;
 }
diff --git a/protocols/service/crypto/protobuf/key_attributes.proto b/protocols/service/crypto/protobuf/key_attributes.proto
index bae948b..2415d5c 100644
--- a/protocols/service/crypto/protobuf/key_attributes.proto
+++ b/protocols/service/crypto/protobuf/key_attributes.proto
@@ -8,8 +8,6 @@
 
 /* Key types */
 enum KeyType {
-  option allow_alias = true;
-
   KEY_TYPE_NONE                   = 0x0000;
   KEY_TYPE_RAW_DATA               = 0x1001;
   KEY_TYPE_HMAC                   = 0x1100;
@@ -21,79 +19,60 @@
   KEY_TYPE_CHACHA20               = 0x2004;
   KEY_TYPE_RSA_PUBLIC_KEY         = 0x4001;
   KEY_TYPE_RSA_KEY_PAIR           = 0x7001;
-  KEY_TYPE_ECC_PUBLIC_KEY_BASE    = 0x4100;
-  KEY_TYPE_ECC_KEY_PAIR_BASE      = 0x7100;
-  KEY_TYPE_ECC_CURVE_MASK         = 0x00ff;
-  KEY_TYPE_DH_PUBLIC_KEY_BASE     = 0x4200;
-  KEY_TYPE_DH_KEY_PAIR_BASE       = 0x7200;
-  KEY_TYPE_DH_GROUP_MASK          = 0x00ff;
 }
 
 /* ECC curves for use with ECC Key types */
 enum EccCurve {
-  ECC_CURVE_NONE                  = 0x00;
-  ECC_CURVE_SECP_K1               = 0x17;
-  ECC_CURVE_SECP_R1               = 0x12;
-  ECC_CURVE_SECP_R2               = 0x1b;
-  ECC_CURVE_SECT_K1               = 0x27;
-  ECC_CURVE_SECT_R1               = 0x22;
-  ECC_CURVE_SECT_R2               = 0x2b;
-  ECC_CURVE_BRAINPOOL_P_R1        = 0x30;
-  ECC_CURVE_MONTGOMERY            = 0x41;
+  ECC_FAMILY_NONE                 = 0x00;
+  ECC_FAMILY_SECP_K1              = 0x17;
+  ECC_FAMILY_SECP_R1              = 0x12;
+  ECC_FAMILY_SECP_R2              = 0x1b;
+  ECC_FAMILY_SECT_K1              = 0x27;
+  ECC_FAMILY_SECT_R1              = 0x22;
+  ECC_FAMILY_SECT_R2              = 0x2b;
+  ECC_FAMILY_BRAINPOOL_P_R1       = 0x30;
+  ECC_FAMILY_MONTGOMERY           = 0x41;
 }
 
 /* Diffie-Hellman groups for use with DH key types */
 enum DhGroup {
-  DH_GROUP_NONE                   = 0x00;
-  DH_GROUP_RFC7919                = 0x03;
+  DH_FAMILY_NONE                  = 0x00;
+  DH_FAMILY_RFC7919               = 0x03;
 }
 
 /* Crypto algorithms */
 enum Alg {
   ALG_NONE                        = 0x00000000;
-  ALG_HASH_MASK                   = 0x000000ff;
-  ALG_MD2                         = 0x01000001;
-  ALG_MD4                         = 0x01000002;
-  ALG_MD5                         = 0x01000003;
-  ALG_RIPEMD160                   = 0x01000004;
-  ALG_SHA_1                       = 0x01000005;
-  ALG_SHA_224                     = 0x01000008;
-  ALG_SHA_256                     = 0x01000009;
-  ALG_SHA_384                     = 0x0100000a;
-  ALG_SHA_512                     = 0x0100000b;
-  ALG_SHA_512_224                 = 0x0100000c;
-  ALG_SHA_512_256                 = 0x0100000d;
-  ALG_SHA3_224                    = 0x01000010;
-  ALG_SHA3_256                    = 0x01000011;
-  ALG_SHA3_384                    = 0x01000012;
-  ALG_SHA3_512                    = 0x01000013;
-  ALG_CBC_MAC                     = 0x02c00001;
-  ALG_CMAC                        = 0x02c00002;
-  ALG_ARC4                        = 0x04800001;
-  ALG_CHACHA20                    = 0x04800005;
-  ALG_CTR                         = 0x04c00001;
-  ALG_CFB                         = 0x04c00002;
-  ALG_OFB                         = 0x04c00003;
-  ALG_XTS                         = 0x044000ff;
-  ALG_CBC_NO_PADDING              = 0x04600100;
-  ALG_CBC_PKCS7                   = 0x04600101;
-  ALG_AEAD_FROM_BLOCK_FLAG        = 0x00400000;
-  ALG_CCM                         = 0x06401001;
-  ALG_GCM                         = 0x06401002;
-  ALG_CHACHA20_POLY1305           = 0x06001005;
-  ALG_RSA_PKCS1V15_SIGN_BASE      = 0x10020000;
-  ALG_RSA_PSS_BASE                = 0x10030000;
-  ALG_ECDSA_BASE                  = 0x10060000;
-  ALG_DETERMINISTIC_ECDSA_BASE    = 0x10070000;
-  ALG_RSA_PKCS1V15_CRYPT          = 0x12020000;
-  ALG_RSA_OAEP_BASE               = 0x12030000;
-  ALG_HKDF_BASE                   = 0x20000100;
-  ALG_TLS12_PRF_BASE              = 0x20000200;
-  ALG_TLS12_PSK_TO_MS_BASE        = 0x20000300;
-  ALG_KEY_DERIVATION_MASK         = 0x0803ffff;
-  ALG_KEY_AGREEMENT_MASK          = 0x10fc0000;
-  ALG_FFDH                        = 0x30100000;
-  ALG_ECDH                        = 0x30200000;
+  ALG_MD2                         = 0x02000001;
+  ALG_MD4                         = 0x02000002;
+  ALG_MD5                         = 0x02000003;
+  ALG_RIPEMD160                   = 0x02000004;
+  ALG_SHA_1                       = 0x02000005;
+  ALG_SHA_224                     = 0x02000008;
+  ALG_SHA_256                     = 0x02000009;
+  ALG_SHA_384                     = 0x0200000a;
+  ALG_SHA_512                     = 0x0200000b;
+  ALG_SHA_512_224                 = 0x0200000c;
+  ALG_SHA_512_256                 = 0x0200000d;
+  ALG_SHA3_224                    = 0x02000010;
+  ALG_SHA3_256                    = 0x02000011;
+  ALG_SHA3_384                    = 0x02000012;
+  ALG_SHA3_512                    = 0x02000013;
+  ALG_CBC_MAC                     = 0x03c00100;
+  ALG_CMAC                        = 0x03c00200;
+  ALG_STREAM_CIPHER               = 0x04800100;
+  ALG_CTR                         = 0x04c01000;
+  ALG_CFB                         = 0x04c01100;
+  ALG_OFB                         = 0x04c01200;
+  ALG_XTS                         = 0x0440ff00;
+  ALG_CBC_NO_PADDING              = 0x04404000;
+  ALG_CBC_PKCS7                   = 0x04404100;
+  ALG_CCM                         = 0x05500100;
+  ALG_GCM                         = 0x05500200;
+  ALG_CHACHA20_POLY1305           = 0x05100500;
+  ALG_RSA_PKCS1V15_CRYPT          = 0x07000200;
+  ALG_FFDH                        = 0x09010000;
+  ALG_ECDH                        = 0x09020000;
 }
 
 /* Key lifetime */
@@ -109,9 +88,9 @@
   KEY_USAGE_COPY                  = 0x00000002;
   KEY_USAGE_ENCRYPT               = 0x00000100;
   KEY_USAGE_DECRYPT               = 0x00000200;
-  KEY_USAGE_SIGN_HASH             = 0x00000400;
-  KEY_USAGE_VERIFY_HASH           = 0x00000800;
-  KEY_USAGE_DERIVE                = 0x00001000;
+  KEY_USAGE_SIGN_HASH             = 0x00001000;
+  KEY_USAGE_VERIFY_HASH           = 0x00002000;
+  KEY_USAGE_DERIVE                = 0x00004000;
 }
 
 /* Key policy to define what key can be used for */
diff --git a/protocols/service/crypto/protobuf/opcodes.proto b/protocols/service/crypto/protobuf/opcodes.proto
index b16127e..094d3a0 100644
--- a/protocols/service/crypto/protobuf/opcodes.proto
+++ b/protocols/service/crypto/protobuf/opcodes.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -10,8 +10,6 @@
   NOP                 = 0x0000;
   GENERATE_KEY        = 0x0101;
   DESTROY_KEY         = 0x0102;
-  OPEN_KEY            = 0x0103;
-  CLOSE_KEY           = 0x0104;
   EXPORT_KEY          = 0x0105;
   EXPORT_PUBLIC_KEY   = 0x0106;
   IMPORT_KEY          = 0x0107;
diff --git a/protocols/service/crypto/protobuf/open_key.proto b/protocols/service/crypto/protobuf/open_key.proto
deleted file mode 100644
index 90fb2ad..0000000
--- a/protocols/service/crypto/protobuf/open_key.proto
+++ /dev/null
@@ -1,15 +0,0 @@
-/*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
- * SPDX-License-Identifier: BSD-3-Clause
- */
-syntax = "proto3";
-
-package ts_crypto;
-
-message OpenKeyIn {
-  uint32 id = 1;
-}
-
-message OpenKeyOut {
-  uint32 handle = 1;
-}
diff --git a/protocols/service/crypto/protobuf/sign_hash.proto b/protocols/service/crypto/protobuf/sign_hash.proto
index a409008..4b8bce0 100644
--- a/protocols/service/crypto/protobuf/sign_hash.proto
+++ b/protocols/service/crypto/protobuf/sign_hash.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -7,7 +7,7 @@
 package ts_crypto;
 
 message SignHashIn {
-  uint32 handle = 1;
+  uint32 id = 1;
   uint32 alg = 2;
   bytes hash = 3;
 }
diff --git a/protocols/service/crypto/protobuf/verify_hash.proto b/protocols/service/crypto/protobuf/verify_hash.proto
index 9253d94..c31561f 100644
--- a/protocols/service/crypto/protobuf/verify_hash.proto
+++ b/protocols/service/crypto/protobuf/verify_hash.proto
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
  * SPDX-License-Identifier: BSD-3-Clause
  */
 syntax = "proto3";
@@ -7,7 +7,7 @@
 package ts_crypto;
 
 message VerifyHashIn {
-  uint32 handle = 1;
+  uint32 id = 1;
   uint32 alg = 2;
   bytes hash = 3;
   bytes signature = 4;