Improve reuse of crypto client components
Now that the crypto service provider may be extended to support
the entire set of PSA crypto operations, reuse of client side
components between different types of client has become much
more important. This change introduces the crypto caller
component that may be specialized to support different
calling conventions and serializations. A packed-c
specialization is implemented that provides code that
may be reused by any client taht needs to use the
packed-c serialization to talk to a crypto service instance.
To allow multiple crypto callers to co-exist within
the same build, the crypto caller is implemented as
a header file library with static inline functions.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: Iac791829470a834f1a29ef59d4442bda93220f91
diff --git a/components/service/crypto/client/cpp/crypto_client.h b/components/service/crypto/client/cpp/crypto_client.h
index d996380..42085be 100644
--- a/components/service/crypto/client/cpp/crypto_client.h
+++ b/components/service/crypto/client/cpp/crypto_client.h
@@ -18,60 +18,95 @@
class crypto_client
{
public:
- virtual ~crypto_client();
+ virtual ~crypto_client();
- int err_rpc_status() const;
+ int err_rpc_status() const;
- /* Key lifecycle methods */
- virtual psa_status_t generate_key(const psa_key_attributes_t *attributes,
- psa_key_id_t *id) = 0;
- virtual psa_status_t destroy_key(psa_key_id_t id) = 0;
- virtual psa_status_t import_key(const psa_key_attributes_t *attributes,
- const uint8_t *data, size_t data_length, psa_key_id_t *id) = 0;
+ /* Key lifecycle methods */
+ virtual psa_status_t generate_key(
+ const psa_key_attributes_t *attributes,
+ psa_key_id_t *id) = 0;
- /* Key export methods */
- virtual psa_status_t export_key(psa_key_id_t id,
- uint8_t *data, size_t data_size,
- size_t *data_length) = 0;
- virtual psa_status_t export_public_key(psa_key_id_t id,
- uint8_t *data, size_t data_size, size_t *data_length) = 0;
+ virtual psa_status_t destroy_key(
+ psa_key_id_t id) = 0;
- /* Sign/verify methods */
- virtual psa_status_t sign_hash(psa_key_id_t id, psa_algorithm_t alg,
- const uint8_t *hash, size_t hash_length,
- uint8_t *signature, size_t signature_size,
- size_t *signature_length) = 0;
- virtual psa_status_t verify_hash(psa_key_id_t id, psa_algorithm_t alg,
- const uint8_t *hash, size_t hash_length,
- const uint8_t *signature, size_t signature_length) = 0;
+ virtual psa_status_t import_key(
+ const psa_key_attributes_t *attributes,
+ const uint8_t *data, size_t data_length,
+ psa_key_id_t *id) = 0;
- /* Asymmetric encrypt/decrypt */
- virtual psa_status_t asymmetric_encrypt(psa_key_id_t id, psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- const uint8_t *salt, size_t salt_length,
- uint8_t *output, size_t output_size, size_t *output_length) = 0;
- virtual psa_status_t asymmetric_decrypt(psa_key_id_t id, psa_algorithm_t alg,
- const uint8_t *input, size_t input_length,
- const uint8_t *salt, size_t salt_length,
- uint8_t *output, size_t output_size, size_t *output_length) = 0;
+ virtual psa_status_t copy_key(
+ psa_key_id_t source_key,
+ const psa_key_attributes_t *attributes,
+ psa_key_id_t *target_key) = 0;
- /* Random number generation */
- virtual psa_status_t generate_random(uint8_t *output, size_t output_size) = 0;
+ virtual psa_status_t purge_key(
+ psa_key_id_t id) = 0;
- /* Hash methods */
- virtual psa_status_t hash_setup(uint32_t *op_handle,
- psa_algorithm_t alg) = 0;
- virtual psa_status_t hash_update(uint32_t op_handle,
- const uint8_t *input, size_t input_length) = 0;
- virtual psa_status_t hash_finish(uint32_t op_handle,
- uint8_t *hash, size_t hash_size, size_t *hash_length) = 0;
+ virtual psa_status_t get_key_attributes(
+ psa_key_id_t id,
+ psa_key_attributes_t *attributes) = 0;
+
+ /* Key export methods */
+ virtual psa_status_t export_key(
+ psa_key_id_t id,
+ uint8_t *data, size_t data_size, size_t *data_length) = 0;
+
+ virtual psa_status_t export_public_key(
+ psa_key_id_t id,
+ uint8_t *data, size_t data_size, size_t *data_length) = 0;
+
+ /* Sign/verify methods */
+ virtual psa_status_t sign_hash(
+ psa_key_id_t id,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ uint8_t *signature, size_t signature_size, size_t *signature_length) = 0;
+
+ virtual psa_status_t verify_hash(
+ psa_key_id_t id,
+ psa_algorithm_t alg,
+ const uint8_t *hash, size_t hash_length,
+ const uint8_t *signature, size_t signature_length) = 0;
+
+ /* Asymmetric encrypt/decrypt */
+ virtual psa_status_t asymmetric_encrypt(
+ psa_key_id_t id,
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length) = 0;
+
+ virtual psa_status_t asymmetric_decrypt(
+ psa_key_id_t id,
+ psa_algorithm_t alg,
+ const uint8_t *input, size_t input_length,
+ const uint8_t *salt, size_t salt_length,
+ uint8_t *output, size_t output_size, size_t *output_length) = 0;
+
+ /* Random number generation */
+ virtual psa_status_t generate_random(
+ uint8_t *output, size_t output_size) = 0;
+
+ /* Hash methods */
+ virtual psa_status_t hash_setup(
+ uint32_t *op_handle,
+ psa_algorithm_t alg) = 0;
+
+ virtual psa_status_t hash_update(
+ uint32_t op_handle,
+ const uint8_t *input, size_t input_length) = 0;
+
+ virtual psa_status_t hash_finish(
+ uint32_t op_handle,
+ uint8_t *hash, size_t hash_size, size_t *hash_length) = 0;
protected:
- crypto_client();
- crypto_client(struct rpc_caller *caller);
- void set_caller(struct rpc_caller *caller);
+ crypto_client();
+ crypto_client(struct rpc_caller *caller);
+ void set_caller(struct rpc_caller *caller);
- struct service_client m_client;
+ struct service_client m_client;
};
#endif /* CRYPTO_CLIENT_H */