Use libpsa in ts-demo
Modify the demo application to use the prebuilt PSA clients from
libpsa instead of directly building these.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: Ib714c7ad901039c56ec6b021ff052b0329c79605
diff --git a/components/app/ts-demo/component.cmake b/components/app/ts-demo/component.cmake
index c4a7392..fe0f5fa 100644
--- a/components/app/ts-demo/component.cmake
+++ b/components/app/ts-demo/component.cmake
@@ -1,5 +1,5 @@
#-------------------------------------------------------------------------------
-# Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2020-2023, Arm Limited and Contributors. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -9,6 +9,6 @@
endif()
target_sources(${TGT} PRIVATE
- "${CMAKE_CURRENT_LIST_DIR}/ts-demo.cpp"
+ "${CMAKE_CURRENT_LIST_DIR}/ts-demo.c"
)
diff --git a/components/app/ts-demo/test/ts-demo_tests.cpp b/components/app/ts-demo/test/ts-demo_tests.cpp
index e78f8a2..7fd104f 100644
--- a/components/app/ts-demo/test/ts-demo_tests.cpp
+++ b/components/app/ts-demo/test/ts-demo_tests.cpp
@@ -1,59 +1,62 @@
/*
- * Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <app/ts-demo/ts-demo.h>
-#include <service/crypto/client/cpp/protocol/packed-c/packedc_crypto_client.h>
-#include <protocols/rpc/common/packed-c/encoding.h>
#include <CppUTest/TestHarness.h>
-#include <service_locator.h>
+#include <app/ts-demo/ts-demo.h>
+#include <protocols/rpc/common/packed-c/encoding.h>
#include <service/crypto/client/cpp/crypto_client.h>
+#include <service/crypto/client/cpp/protocol/packed-c/packedc_crypto_client.h>
+#include <service/crypto/client/psa/psa_crypto_client.h>
+#include <service_locator.h>
+TEST_GROUP(TsDemoTests)
+{
+ void setup()
+ {
+ m_rpc_session = NULL;
+ m_crypto_service_context = NULL;
+ m_crypto_client = NULL;
-TEST_GROUP(TsDemoTests) {
+ service_locator_init();
- void setup()
- {
- m_rpc_session = NULL;
- m_crypto_service_context = NULL;
- m_crypto_client = NULL;
+ m_crypto_service_context = service_locator_query("sn:trustedfirmware.org:crypto:0");
+ CHECK(m_crypto_service_context);
- service_locator_init();
+ m_rpc_session = service_context_open(m_crypto_service_context);
+ CHECK(m_rpc_session);
- m_crypto_service_context = service_locator_query("sn:trustedfirmware.org:crypto:0");
- CHECK(m_crypto_service_context);
+ (void)psa_crypto_client_init(m_rpc_session);
- m_rpc_session = service_context_open(m_crypto_service_context);
- CHECK(m_rpc_session);
-
- m_crypto_client = new packedc_crypto_client(m_rpc_session);
- }
-
- void teardown()
- {
- delete m_crypto_client;
- m_crypto_client = NULL;
-
- if (m_crypto_service_context) {
- if (m_rpc_session) {
- service_context_close(m_crypto_service_context, m_rpc_session);
- m_rpc_session = NULL;
- }
-
- service_context_relinquish(m_crypto_service_context);
- m_crypto_service_context = NULL;
+ m_crypto_client = new packedc_crypto_client(m_rpc_session);
}
- }
- struct rpc_caller_session *m_rpc_session;
- struct service_context *m_crypto_service_context;
- crypto_client *m_crypto_client;
+ void teardown()
+ {
+ delete m_crypto_client;
+ m_crypto_client = NULL;
+
+ if (m_crypto_service_context) {
+ if (m_rpc_session) {
+ service_context_close(m_crypto_service_context, m_rpc_session);
+ m_rpc_session = NULL;
+ }
+
+ psa_crypto_client_deinit();
+ service_context_relinquish(m_crypto_service_context);
+ m_crypto_service_context = NULL;
+ }
+ }
+
+ struct rpc_caller_session *m_rpc_session;
+ struct service_context *m_crypto_service_context;
+ crypto_client *m_crypto_client;
};
TEST(TsDemoTests, runTsDemo)
{
- int status = run_ts_demo(m_crypto_client, false);
- CHECK_EQUAL(0, status);
+ int status = run_ts_demo(false);
+ CHECK_EQUAL(0, status);
}
diff --git a/components/app/ts-demo/ts-demo.c b/components/app/ts-demo/ts-demo.c
new file mode 100644
index 0000000..43b3adb
--- /dev/null
+++ b/components/app/ts-demo/ts-demo.c
@@ -0,0 +1,325 @@
+/*
+ * Copyright (c) 2020-2023, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include "ts-demo.h"
+
+#include <psa/crypto.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+static const psa_key_id_t SIGNING_KEY_ID = 0x100;
+static const psa_key_id_t ENCRYPTION_KEY_ID = 0x101;
+
+bool m_verbose = true;
+
+void print_intro(void)
+{
+ if (m_verbose) {
+ printf("\nDemonstrates use of trusted services from an application");
+ printf("\n---------------------------------------------------------");
+ printf("\nA client requests a set of crypto operations performed by");
+ printf("\nthe Crypto service. Key storage for persistent keys is");
+ printf("\nprovided by the Secure Storage service via the ITS client.\n");
+ printf("\n");
+ }
+}
+
+void wait(int seconds)
+{
+ if (m_verbose)
+ sleep(seconds);
+}
+
+void print_status(psa_status_t status)
+{
+ if (m_verbose) {
+ if (status == PSA_SUCCESS)
+ printf("\n\tOperation successful\n");
+ else
+ printf("\n\tOperation failed. op error: %d\n", status);
+ }
+}
+
+void print_byte_array(const uint8_t *array, size_t len)
+{
+ size_t count = 0;
+ size_t column = 0;
+
+ while (count < len) {
+ if (column == 0)
+ printf("\n\t\t");
+ else
+ printf(" ");
+
+ printf("%02X", array[count]);
+
+ ++count;
+ column = (column + 1) % 8;
+ }
+
+ printf("\n");
+}
+
+bool generate_signing_key(psa_key_id_t *signing_key_id)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ psa_set_key_id(&attributes, SIGNING_KEY_ID);
+ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH);
+ psa_set_key_algorithm(&attributes, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256));
+ psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
+ psa_set_key_bits(&attributes, 256);
+
+ if (m_verbose)
+ printf("Generating ECC signing key");
+
+ status = psa_generate_key(&attributes, signing_key_id);
+ psa_reset_key_attributes(&attributes);
+
+ print_status(status);
+
+ return (status != PSA_SUCCESS);
+}
+
+bool sign_and_verify_message(const char *message, psa_key_id_t signing_key_id)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ bool error = false;
+ uint8_t message_buffer[100];
+ size_t message_len = strlen(message) + 1;
+
+ if (message_len > sizeof(message_buffer))
+ message_len = sizeof(message_buffer) - 1;
+
+ memset(message_buffer, 0, sizeof(message_buffer));
+ memcpy(message_buffer, message, message_len);
+
+ /* Sign message */
+ uint8_t signature[PSA_SIGNATURE_MAX_SIZE];
+ size_t signature_length;
+
+ if (m_verbose)
+ printf("Signing message: \"%s\" using key: %d", message_buffer, signing_key_id);
+
+ status = psa_sign_hash(signing_key_id, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ message_buffer, message_len, signature, sizeof(signature),
+ &signature_length);
+
+ print_status(status);
+
+ if (m_verbose && (status == PSA_SUCCESS)) {
+ printf("\tSignature bytes: ");
+ print_byte_array(signature, signature_length);
+ }
+
+ error |= (status != PSA_SUCCESS);
+
+ /* Verify signature against original message */
+ if (m_verbose)
+ printf("Verify signature using original message: \"%s\"", message_buffer);
+
+ status = psa_verify_hash(signing_key_id, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ message_buffer, message_len, signature, signature_length);
+
+ print_status(status);
+
+ error |= (status != PSA_SUCCESS);
+
+ /* Verify signature against modified message */
+ message_buffer[0] = '!';
+ if (m_verbose)
+ printf("Verify signature using modified message: \"%s\"", message_buffer);
+
+ status = psa_verify_hash(signing_key_id, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+ message_buffer, message_len, signature, signature_length);
+
+ if (status == PSA_ERROR_INVALID_SIGNATURE) {
+ if (m_verbose)
+ printf("\n\tSuccessfully detected modified message\n");
+ } else {
+ print_status(status);
+ }
+
+ error |= (status == PSA_SUCCESS);
+
+ return error;
+}
+
+bool generate_asymmetric_encryption_key(psa_key_id_t *encryption_key_id)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+
+ psa_set_key_id(&attributes, ENCRYPTION_KEY_ID);
+ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+ psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PKCS1V15_CRYPT);
+ psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR);
+ psa_set_key_bits(&attributes, 1024);
+
+ if (m_verbose)
+ printf("Generating RSA encryption key");
+
+ status = psa_generate_key(&attributes, encryption_key_id);
+ psa_reset_key_attributes(&attributes);
+
+ print_status(status);
+
+ return (status != PSA_SUCCESS);
+}
+
+bool encrypt_add_decrypt_message(const char *message, psa_key_id_t encryption_key_id)
+{
+ bool error = false;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ size_t message_len = strlen(message) + 1;
+
+ /* Encrypt a message */
+ if (m_verbose)
+ printf("Encrypt message: \"%s\" using RSA key: %d", message, encryption_key_id);
+
+ uint8_t ciphertext[256];
+ size_t ciphertext_len = 0;
+
+ status = psa_asymmetric_encrypt(encryption_key_id, PSA_ALG_RSA_PKCS1V15_CRYPT,
+ (const uint8_t *)message, message_len, NULL, 0, ciphertext,
+ sizeof(ciphertext), &ciphertext_len);
+ print_status(status);
+
+ if (m_verbose && (status == PSA_SUCCESS)) {
+ printf("\tEncrypted message: ");
+ print_byte_array(ciphertext, ciphertext_len);
+ }
+
+ error |= (status != PSA_SUCCESS);
+
+ /* Decrypt it */
+ if (m_verbose)
+ printf("Decrypting message using RSA key: %d", encryption_key_id);
+
+ uint8_t plaintext[256];
+ size_t plaintext_len = 0;
+
+ status = psa_asymmetric_decrypt(encryption_key_id, PSA_ALG_RSA_PKCS1V15_CRYPT, ciphertext,
+ ciphertext_len, NULL, 0, plaintext, sizeof(plaintext),
+ &plaintext_len);
+ print_status(status);
+
+ if (m_verbose && (status == PSA_SUCCESS)) {
+ if ((plaintext_len == message_len) &&
+ (memcmp(message, plaintext, plaintext_len) == 0)) {
+ printf("\tDecrypted message: \"%s\"\n", plaintext);
+ } else {
+ printf("\tDecrypted message is different from original!: ");
+ print_byte_array(plaintext, plaintext_len);
+ }
+ }
+
+ error |= (status != PSA_SUCCESS);
+
+ return error;
+}
+
+bool export_public_key(psa_key_id_t signing_key_id)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ uint8_t key_buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
+ size_t key_len = 0;
+
+ if (m_verbose)
+ printf("Exporting public key: %d", signing_key_id);
+
+ status = psa_export_public_key(signing_key_id, key_buf, sizeof(key_buf), &key_len);
+
+ print_status(status);
+
+ if (m_verbose && (status == PSA_SUCCESS)) {
+ printf("\tPublic key bytes: ");
+ print_byte_array(key_buf, key_len);
+ }
+
+ return (status != PSA_SUCCESS);
+}
+
+bool generate_random_number(size_t length)
+{
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+ uint8_t *buffer = (uint8_t *)malloc(length);
+
+ if (m_verbose)
+ printf("Generating random bytes length: %lu", length);
+
+ status = psa_generate_random(buffer, length);
+
+ print_status(status);
+
+ if (m_verbose && (status == PSA_SUCCESS)) {
+ printf("\tRandom bytes: ");
+ print_byte_array(buffer, length);
+ }
+
+ return (status != PSA_SUCCESS);
+}
+
+bool destroy_keys(psa_key_id_t signing_key_id, psa_key_id_t encryption_key_id)
+{
+ bool error = false;
+ psa_status_t status = PSA_ERROR_GENERIC_ERROR;
+
+ if (m_verbose)
+ printf("Destroying signing key: %d", signing_key_id);
+
+ status = psa_destroy_key(signing_key_id);
+ print_status(status);
+ error |= (status != PSA_SUCCESS);
+
+ if (m_verbose)
+ printf("Destroying encryption key: %d", encryption_key_id);
+
+ status = psa_destroy_key(encryption_key_id);
+ print_status(status);
+ error |= (status != PSA_SUCCESS);
+
+ return error;
+}
+
+bool run_ts_demo(bool is_verbose)
+{
+ psa_key_id_t signing_key_id = 0;
+ psa_key_id_t encryption_key_id = 0;
+ bool error = false;
+
+ m_verbose = is_verbose;
+ print_intro();
+ wait(1);
+ psa_crypto_init();
+ wait(1);
+ error |= generate_random_number(1);
+ wait(1);
+ error |= generate_random_number(7);
+ wait(1);
+ error |= generate_random_number(128);
+ wait(1);
+ error |= generate_signing_key(&signing_key_id);
+ wait(2);
+ error |= sign_and_verify_message("The quick brown fox", signing_key_id);
+ wait(3);
+ error |= sign_and_verify_message("jumps over the lazy dog", signing_key_id);
+ wait(3);
+ error |= generate_asymmetric_encryption_key(&encryption_key_id);
+ wait(2);
+ error |= encrypt_add_decrypt_message("Top secret", encryption_key_id);
+ wait(3);
+ error |= export_public_key(signing_key_id);
+ wait(2);
+ error |= destroy_keys(signing_key_id, encryption_key_id);
+ wait(2);
+
+ return error;
+}
diff --git a/components/app/ts-demo/ts-demo.cpp b/components/app/ts-demo/ts-demo.cpp
deleted file mode 100644
index 589f3b6..0000000
--- a/components/app/ts-demo/ts-demo.cpp
+++ /dev/null
@@ -1,329 +0,0 @@
-/*
- * Copyright (c) 2020-2021, Arm Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#include <cstdio>
-#include <cstring>
-#include <unistd.h>
-#include <service/crypto/client/cpp/crypto_client.h>
-#include "ts-demo.h"
-
-class ts_demo {
-public:
- ts_demo(crypto_client *crypto_client, bool is_verbose) :
- m_crypto_client(crypto_client),
- m_signing_key_id(0),
- m_encryption_key_id(0),
- m_verbose(is_verbose),
- m_all_ok(true) {
-
- }
-
- ~ts_demo() {
-
- }
-
- bool is_all_ok() const {
- return m_all_ok;
- }
-
- void print_intro() {
-
- if (m_verbose) {
- printf("\nDemonstrates use of trusted services from an application");
- printf("\n---------------------------------------------------------");
- printf("\nA client requests a set of crypto operations performed by");
- printf("\nthe Crypto service. Key storage for persistent keys is");
- printf("\nprovided by the Secure Storage service via the ITS client.\n");
- printf("\n");
- }
- }
-
- void wait(int seconds) {
-
- if (m_verbose) sleep(seconds);
- }
-
- void print_status(psa_status_t status) {
-
- if (m_verbose) {
-
- if (status == PSA_SUCCESS) {
- printf("\n\tOperation successful\n");
- }
- else {
- printf("\n\tOperation failed. op error: %d RPC call status %d\n",
- status, m_crypto_client->err_rpc_status());
- }
- }
- }
-
- void print_byte_array(const uint8_t *array, size_t len)
- {
- size_t count = 0;
- size_t column = 0;
-
- while (count < len) {
-
- if (column == 0) printf("\n\t\t");
- else printf(" ");
-
- printf("%02X", array[count]);
-
- ++count;
- column = (column +1) % 8;
- }
-
- printf("\n");
- }
-
- void generate_signing_key()
- {
- psa_status_t status;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
- psa_set_key_id(&attributes, SIGNING_KEY_ID);
- psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH);
- psa_set_key_algorithm(&attributes, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256));
- psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1));
- psa_set_key_bits(&attributes, 256);
-
- if (m_verbose) printf("Generating ECC signing key");
-
- status = m_crypto_client->generate_key(&attributes, &m_signing_key_id);
- psa_reset_key_attributes(&attributes);
-
- print_status(status);
-
- m_all_ok &= (status == PSA_SUCCESS);
- }
-
- void sign_and_verify_message(const char *message)
- {
-
- psa_status_t status;
- uint8_t hash[100];
- size_t hash_len = strlen(message) + 1;
-
- if (hash_len > sizeof(hash)) hash_len = sizeof(hash) - 1;
-
- memset(hash, 0, sizeof(hash));
- memcpy(hash, message, hash_len);
-
- /* Sign message */
- uint8_t signature[PSA_SIGNATURE_MAX_SIZE];
- size_t signature_length;
-
- if (m_verbose) printf("Signing message: \"%s\" using key: %d", hash, m_signing_key_id);
-
- status = m_crypto_client->sign_hash(m_signing_key_id,
- PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256), hash, hash_len,
- signature, sizeof(signature), &signature_length);
-
- print_status(status);
-
- if (m_verbose && (status == PSA_SUCCESS)) {
- printf("\tSignature bytes: ");
- print_byte_array(signature, signature_length);
- }
-
- m_all_ok &= (status == PSA_SUCCESS);
-
- /* Verify signature against original message */
- if (m_verbose) printf("Verify signature using original message: \"%s\"", hash);
-
- status = m_crypto_client->verify_hash(m_signing_key_id,
- PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256), hash, hash_len,
- signature, signature_length);
-
- print_status(status);
-
- m_all_ok &= (status == PSA_SUCCESS);
-
- /* Verify signature against modified message */
- hash[0] = '!';
- if (m_verbose) printf("Verify signature using modified message: \"%s\"", hash);
-
- status = m_crypto_client->verify_hash(m_signing_key_id,
- PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256), hash, hash_len,
- signature, signature_length);
-
- if (status == PSA_ERROR_INVALID_SIGNATURE) {
- if (m_verbose) printf("\n\tSuccessfully detected modified message\n");
- }
- else {
- print_status(status);
- }
-
- m_all_ok &= (status != PSA_SUCCESS);
- }
-
- void generate_asymmetric_encryption_key()
- {
- psa_status_t status;
- psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
-
- psa_set_key_id(&attributes, ENCRYPTION_KEY_ID);
- psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
- psa_set_key_algorithm(&attributes, PSA_ALG_RSA_PKCS1V15_CRYPT);
- psa_set_key_type(&attributes, PSA_KEY_TYPE_RSA_KEY_PAIR);
- psa_set_key_bits(&attributes, 1024);
-
- if (m_verbose) printf("Generating RSA encryption key");
-
- status = m_crypto_client->generate_key(&attributes, &m_encryption_key_id);
- psa_reset_key_attributes(&attributes);
-
- print_status(status);
-
- m_all_ok &= (status == PSA_SUCCESS);
- }
-
- void encrypt_add_decrypt_message(const char *message)
- {
- psa_status_t status;
- size_t message_len = strlen(message) + 1;
-
- /* Encrypt a message */
- if (m_verbose) printf("Encrypting message: \"%s\" using RSA key: %d", message, m_encryption_key_id);
-
- uint8_t ciphertext[256];
- size_t ciphertext_len = 0;
-
- status = m_crypto_client->asymmetric_encrypt(m_encryption_key_id, PSA_ALG_RSA_PKCS1V15_CRYPT,
- (const uint8_t*)message, message_len, NULL, 0,
- ciphertext, sizeof(ciphertext), &ciphertext_len);
- print_status(status);
-
- if (m_verbose && (status == PSA_SUCCESS)) {
- printf("\tEncrypted message: ");
- print_byte_array(ciphertext, ciphertext_len);
- }
-
- m_all_ok &= (status == PSA_SUCCESS);
-
- /* Decrypt it */
- if (m_verbose) printf("Decrypting message using RSA key: %d", m_encryption_key_id);
-
- uint8_t plaintext[256];
- size_t plaintext_len = 0;
-
- status = m_crypto_client->asymmetric_decrypt(m_encryption_key_id, PSA_ALG_RSA_PKCS1V15_CRYPT,
- ciphertext, ciphertext_len, NULL, 0,
- plaintext, sizeof(plaintext), &plaintext_len);
- print_status(status);
-
- if (m_verbose && (status == PSA_SUCCESS)) {
-
- if ((plaintext_len == message_len) &&
- (memcmp(message, plaintext, plaintext_len) == 0)) {
- if (m_verbose) printf("\tDecrypted message: \"%s\"\n", plaintext);
- }
- else {
- printf("\tDecrypted message is different from original!: ");
- print_byte_array(plaintext, plaintext_len);
- }
- }
-
- m_all_ok &= (status == PSA_SUCCESS);
- }
-
- void export_public_key()
- {
- psa_status_t status;
- uint8_t key_buf[PSA_EXPORT_PUBLIC_KEY_MAX_SIZE];
- size_t key_len = 0;
-
- if (m_verbose) printf("Exporting public key: %d", m_signing_key_id);
-
- status = m_crypto_client->export_public_key(m_signing_key_id, key_buf, sizeof(key_buf), &key_len);
-
- print_status(status);
-
- if (m_verbose && (status == PSA_SUCCESS)) {
- printf("\tPublic key bytes: ");
- print_byte_array(key_buf, key_len);
- }
-
- m_all_ok &= (status == PSA_SUCCESS);
- }
-
- void generate_random_number(size_t length)
- {
- psa_status_t status;
- uint8_t buffer[length];
-
- if (m_verbose) printf("Generating random bytes length: %ld", length);
-
- status = m_crypto_client->generate_random(buffer, length);
-
- print_status(status);
-
- if (m_verbose && (status == PSA_SUCCESS)) {
- printf("\tRandom bytes: ");
- print_byte_array(buffer, length);
- }
-
- m_all_ok &= (status == PSA_SUCCESS);
- }
-
- void destroy_keys()
- {
- psa_status_t status;
-
- if (m_verbose) printf("Destroying signing key: %d", m_signing_key_id);
- status = m_crypto_client->destroy_key(m_signing_key_id);
- print_status(status);
- m_all_ok &= (status == PSA_SUCCESS);
-
- if (m_verbose) printf("Destroying encryption key: %d", m_encryption_key_id);
- status = m_crypto_client->destroy_key(m_encryption_key_id);
- print_status(status);
- m_all_ok &= (status == PSA_SUCCESS);
- }
-
-private:
-
- static const psa_key_id_t SIGNING_KEY_ID = 0x100;
- static const psa_key_id_t ENCRYPTION_KEY_ID = 0x101;
-
- crypto_client *m_crypto_client;
- psa_key_id_t m_signing_key_id;
- psa_key_id_t m_encryption_key_id;
-
- bool m_verbose;
- bool m_all_ok;
-};
-
-
-int run_ts_demo(crypto_client *crypto_client, bool is_verbose) {
-
- ts_demo demo(crypto_client, is_verbose);
-
- demo.print_intro();
- demo.wait(1);
- demo.generate_random_number(1);
- demo.wait(1);
- demo.generate_random_number(7);
- demo.wait(1);
- demo.generate_random_number(128);
- demo.wait(1);
- demo.generate_signing_key();
- demo.wait(2);
- demo.sign_and_verify_message("The quick brown fox");
- demo.wait(3);
- demo.sign_and_verify_message("jumps over the lazy dog");
- demo.wait(3);
- demo.generate_asymmetric_encryption_key();
- demo.wait(2);
- demo.encrypt_add_decrypt_message("Top secret");
- demo.wait(3);
- demo.export_public_key();
- demo.wait(2);
- demo.destroy_keys();
- demo.wait(2);
-
- return demo.is_all_ok() ? 0 : -1;
-}
diff --git a/components/app/ts-demo/ts-demo.h b/components/app/ts-demo/ts-demo.h
index 96de474..34fbbbf 100644
--- a/components/app/ts-demo/ts-demo.h
+++ b/components/app/ts-demo/ts-demo.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,8 +7,16 @@
#ifndef TS_DEMO_H
#define TS_DEMO_H
-#include <service/crypto/client/cpp/crypto_client.h>
+#include <stdbool.h>
-int run_ts_demo(crypto_client *crypto_client, bool is_verbose);
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+bool run_ts_demo(bool is_verbose);
+
+#ifdef __cplusplus
+}
+#endif
#endif /* TS_DEMO_H */