Add crypto service
Change-Id: Ifd55a4caaf0b95e3d1b6504863fba112a7e18f15
Signed-off-by: Julian Hall <julian.hall@arm.com>
diff --git a/protocols/service/crypto/packed-c/component.cmake b/protocols/service/crypto/packed-c/component.cmake
new file mode 100644
index 0000000..041f7d5
--- /dev/null
+++ b/protocols/service/crypto/packed-c/component.cmake
@@ -0,0 +1,14 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+if (NOT DEFINED TGT)
+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
+endif()
+
+target_include_directories(${TGT}
+ PRIVATE
+ "${CMAKE_CURRENT_LIST_DIR}"
+ )
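Review bot: The guard at the top only checks that `TGT` is defined, so an empty value or a name that is not an existing target still reaches `target_include_directories(${TGT} ...)` and fails there with a less direct error. Adding a second check after the existing one, `if (NOT TARGET "${TGT}")` with `message(FATAL_ERROR "TGT '${TGT}' is not a target.")`, would point the failure at the caller's mistake. The same guard is repeated in protocols/service/crypto/protobuf/component.cmake, where `set_property(TARGET ${TGT} ...)` depends on it in the same way.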
diff --git a/protocols/service/crypto/packed-c/opcodes.h b/protocols/service/crypto/packed-c/opcodes.h
new file mode 100644
index 0000000..40f8ab3
--- /dev/null
+++ b/protocols/service/crypto/packed-c/opcodes.h
@@ -0,0 +1,26 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef TS_CRYPTO_OPCODES_H
+#define TS_CRYPTO_OPCODES_H
+
+/* C/C++ definition of crypto service opcodes
+ */
+#define TS_CRYPTO_OPCODE_NOP (0x0000)
+#define TS_CRYPTO_OPCODE_GENERATE_KEY (0x0101)
+#define TS_CRYPTO_OPCODE_DESTROY_KEY (0x0102)
+#define TS_CRYPTO_OPCODE_OPEN_KEY (0x0103)
+#define TS_CRYPTO_OPCODE_CLOSE_KEY (0x0104)
+#define TS_CRYPTO_OPCODE_EXPORT_KEY (0x0105)
+#define TS_CRYPTO_OPCODE_EXPORT_PUBLIC_KEY (0x0106)
+#define TS_CRYPTO_OPCODE_IMPORT_KEY (0x0107)
+#define TS_CRYPTO_OPCODE_SIGN_HASH (0x0108)
+#define TS_CRYPTO_OPCODE_VERIFY_HASH (0x0109)
+#define TS_CRYPTO_OPCODE_ASYMMETRIC_DECRYPT (0x010a)
+#define TS_CRYPTO_OPCODE_ASYMMETRIC_ENCRYPT (0x010b)
+#define TS_CRYPTO_OPCODE_GENERATE_RANDOM (0x010c)
+
+#endif /* TS_CRYPTO_OPCODES_H */
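Review bot: The opcode values defined here are repeated in the `Opcode` enum of protocols/service/crypto/protobuf/opcodes.proto in this same commit, and nothing ties the two tables together. If both are meant to describe one opcode space (the values are identical today), a later drift between them would make a caller using one serialization request a different operation than it intended. I would extend the header comment to say so, e.g. `/* Values must match the Opcode enum in protobuf/opcodes.proto */`, and add the mirror comment in the .proto file.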
diff --git a/protocols/service/crypto/protobuf/asymmetric_decrypt.proto b/protocols/service/crypto/protobuf/asymmetric_decrypt.proto
new file mode 100644
index 0000000..0155c30
--- /dev/null
+++ b/protocols/service/crypto/protobuf/asymmetric_decrypt.proto
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message AsymmetricDecryptIn {
+ uint32 handle = 1;
+ uint32 alg = 2;
+ bytes ciphertext = 3;
+ bytes salt = 4;
+}
+
+message AsymmetricDecryptOut {
+ bytes plaintext = 1;
+}
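Review bot: None of the fields of `AsymmetricDecryptIn` is documented, and two of them carry rules the schema cannot express. `alg` is a plain `uint32` rather than the `Alg` enum from key_attributes.proto, so the decoder performs no range check on it, and `salt` is a proto3 `bytes` field, so an absent salt and a zero-length salt are indistinguishable on the wire. A short comment on each would fix the contract, e.g. `/* Algorithm identifier (see Alg in key_attributes.proto); not range-checked by the decoder */` and `/* Optional; empty means no salt */`. asymmetric_encrypt.proto declares the same two fields and needs the same comments.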
diff --git a/protocols/service/crypto/protobuf/asymmetric_encrypt.proto b/protocols/service/crypto/protobuf/asymmetric_encrypt.proto
new file mode 100644
index 0000000..c85b9da
--- /dev/null
+++ b/protocols/service/crypto/protobuf/asymmetric_encrypt.proto
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message AsymmetricEncryptIn {
+ uint32 handle = 1;
+ uint32 alg = 2;
+ bytes plaintext = 3;
+ bytes salt = 4;
+}
+
+message AsymmetricEncryptOut {
+ bytes ciphertext = 1;
+}
diff --git a/protocols/service/crypto/protobuf/close_key.proto b/protocols/service/crypto/protobuf/close_key.proto
new file mode 100644
index 0000000..b9f5ea3
--- /dev/null
+++ b/protocols/service/crypto/protobuf/close_key.proto
@@ -0,0 +1,11 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message CloseKeyIn {
+ uint32 handle = 1;
+}
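Review bot: `CloseKeyIn` has no matching `CloseKeyOut`, while destroy_key.proto and verify_hash.proto in this commit each declare an empty `...Out` message for operations that return no data. Adding `message CloseKeyOut {}` would give every operation the same In/Out pair, so callers and providers can treat close like the other operations without a special case.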
diff --git a/protocols/service/crypto/protobuf/component.cmake b/protocols/service/crypto/protobuf/component.cmake
new file mode 100644
index 0000000..7583f18
--- /dev/null
+++ b/protocols/service/crypto/protobuf/component.cmake
@@ -0,0 +1,26 @@
+#-------------------------------------------------------------------------------
+# Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+#-------------------------------------------------------------------------------
+if (NOT DEFINED TGT)
+ message(FATAL_ERROR "mandatory parameter TGT is not defined.")
+endif()
+
+set_property(TARGET ${TGT} APPEND PROPERTY PROTOBUF_FILES
+ "${CMAKE_CURRENT_LIST_DIR}/asymmetric_decrypt.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/asymmetric_encrypt.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/destroy_key.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/open_key.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/close_key.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/export_key.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/export_public_key.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/generate_key.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/generate_random.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/import_key.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/key_attributes.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/opcodes.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/sign_hash.proto"
+ "${CMAKE_CURRENT_LIST_DIR}/verify_hash.proto"
+ )
diff --git a/protocols/service/crypto/protobuf/destroy_key.proto b/protocols/service/crypto/protobuf/destroy_key.proto
new file mode 100644
index 0000000..8b718af
--- /dev/null
+++ b/protocols/service/crypto/protobuf/destroy_key.proto
@@ -0,0 +1,13 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message DestroyKeyIn {
+ uint32 handle = 1;
+}
+
+message DestroyKeyOut {}
diff --git a/protocols/service/crypto/protobuf/export_key.proto b/protocols/service/crypto/protobuf/export_key.proto
new file mode 100644
index 0000000..14cc6a9
--- /dev/null
+++ b/protocols/service/crypto/protobuf/export_key.proto
@@ -0,0 +1,15 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message ExportKeyIn {
+ uint32 handle = 1;
+}
+
+message ExportKeyOut {
+ bytes data = 1;
+}
diff --git a/protocols/service/crypto/protobuf/export_public_key.proto b/protocols/service/crypto/protobuf/export_public_key.proto
new file mode 100644
index 0000000..e844325
--- /dev/null
+++ b/protocols/service/crypto/protobuf/export_public_key.proto
@@ -0,0 +1,15 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message ExportPublicKeyIn {
+ uint32 handle = 1;
+}
+
+message ExportPublicKeyOut {
+ bytes data = 1;
+}
diff --git a/protocols/service/crypto/protobuf/generate_key.proto b/protocols/service/crypto/protobuf/generate_key.proto
new file mode 100644
index 0000000..48025a6
--- /dev/null
+++ b/protocols/service/crypto/protobuf/generate_key.proto
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+import "service/crypto/protobuf/key_attributes.proto";
+
+message GenerateKeyIn {
+ KeyAttributes attributes = 1;
+}
+
+message GenerateKeyOut {
+ uint32 handle = 1;
+}
diff --git a/protocols/service/crypto/protobuf/generate_random.proto b/protocols/service/crypto/protobuf/generate_random.proto
new file mode 100644
index 0000000..3fbb5be
--- /dev/null
+++ b/protocols/service/crypto/protobuf/generate_random.proto
@@ -0,0 +1,15 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message GenerateRandomIn {
+ uint64 size = 1;
+}
+
+message GenerateRandomOut {
+ bytes random_bytes = 1;
+}
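Review bot: `GenerateRandomIn.size` is a `uint64` chosen by the caller, and nothing in the message states an upper bound. The provider that handles this request is not part of this hunk, but it will have to reject oversized values before allocating or filling an output buffer, and the limit belongs in the protocol definition so that clients and providers agree on it. I would add a comment on the field, e.g. `/* Number of random bytes requested; requests above the provider's response limit are rejected */`, and check whether a 64-bit width is needed at all.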
diff --git a/protocols/service/crypto/protobuf/import_key.proto b/protocols/service/crypto/protobuf/import_key.proto
new file mode 100644
index 0000000..727b2bc
--- /dev/null
+++ b/protocols/service/crypto/protobuf/import_key.proto
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+import "service/crypto/protobuf/key_attributes.proto";
+
+message ImportKeyIn {
+ KeyAttributes attributes = 1;
+ bytes data = 3;
+}
+
+message ImportKeyOut {
+ uint32 handle = 1;
+}
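Review bot: `ImportKeyIn` numbers its fields 1 and 3, leaving 2 unused with no explanation. As the message is new, either renumber to `bytes data = 2;` or, if 2 is held back on purpose, record that in the schema with `reserved 2;` so the number cannot be reused later for an incompatible field.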
diff --git a/protocols/service/crypto/protobuf/key_attributes.proto b/protocols/service/crypto/protobuf/key_attributes.proto
new file mode 100644
index 0000000..7e504f6
--- /dev/null
+++ b/protocols/service/crypto/protobuf/key_attributes.proto
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+/* Key types */
+enum KeyType {
+ option allow_alias = true;
+
+ KEY_TYPE_NONE = 0x0000;
+ KEY_TYPE_RAW_DATA = 0x1001;
+ KEY_TYPE_HMAC = 0x1100;
+ KEY_TYPE_DERIVE = 0x1200;
+ KEY_TYPE_AES = 0x2400;
+ KEY_TYPE_DES = 0x2301;
+ KEY_TYPE_CAMELLIA = 0x2403;
+ KEY_TYPE_ARC4 = 0x2002;
+ KEY_TYPE_CHACHA20 = 0x2004;
+ KEY_TYPE_PUBLIC_KEY = 0x4001;
+ KEY_TYPE_RSA_KEY_PAIR = 0x7001;
+ KEY_TYPE_ECC_PUBLIC_KEY_BASE = 0x4100;
+ KEY_TYPE_ECC_KEY_PAIR_BASE = 0x7100;
+ KEY_TYPE_ECC_CURVE_MASK = 0x00ff;
+ KEY_TYPE_DH_PUBLIC_KEY_BASE = 0x4200;
+ KEY_TYPE_DH_KEY_PAIR_BASE = 0x7200;
+ KEY_TYPE_DH_GROUP_MASK = 0x00ff;
+}
+
+/* ECC curves for use with ECC Key types */
+enum EccCurve {
+ ECC_CURVE_NONE = 0x00;
+ ECC_CURVE_SECP_K1 = 0x17;
+ ECC_CURVE_SECP_R1 = 0x12;
+ ECC_CURVE_SECP_R2 = 0x1b;
+ ECC_CURVE_SECT_K1 = 0x27;
+ ECC_CURVE_SECT_R1 = 0x22;
+ ECC_CURVE_SECT_R2 = 0x2b;
+ ECC_CURVE_BRAINPOOL_P_R1 = 0x30;
+ ECC_CURVE_MONTGOMERY = 0x41;
+}
+
+/* Diffie-Hellman groups for use with DH key types */
+enum DhGroup {
+ DH_GROUP_NONE = 0x00;
+ DH_GROUP_RFC7919 = 0x03;
+}
+
+/* Crypto algorithms */
+enum Alg {
+ ALG_NONE = 0x00000000;
+ ALG_HASH_MASK = 0x000000ff;
+ ALG_MD2 = 0x01000001;
+ ALG_MD4 = 0x01000002;
+ ALG_MD5 = 0x01000003;
+ ALG_RIPEMD160 = 0x01000004;
+ ALG_SHA_1 = 0x01000005;
+ ALG_SHA_224 = 0x01000008;
+ ALG_SHA_256 = 0x01000009;
+ ALG_SHA_384 = 0x0100000a;
+ ALG_SHA_512 = 0x0100000b;
+ ALG_SHA_512_224 = 0x0100000c;
+ ALG_SHA_512_256 = 0x0100000d;
+ ALG_SHA3_224 = 0x01000010;
+ ALG_SHA3_256 = 0x01000011;
+ ALG_SHA3_384 = 0x01000012;
+ ALG_SHA3_512 = 0x01000013;
+ ALG_CBC_MAC = 0x02c00001;
+ ALG_CMAC = 0x02c00002;
+ ALG_ARC4 = 0x04800001;
+ ALG_CHACHA20 = 0x04800005;
+ ALG_CTR = 0x04c00001;
+ ALG_CFB = 0x04c00002;
+ ALG_OFB = 0x04c00003;
+ ALG_XTS = 0x044000ff;
+ ALG_CBC_NO_PADDING = 0x04600100;
+ ALG_CBC_PKCS7 = 0x04600101;
+ ALG_AEAD_FROM_BLOCK_FLAG = 0x00400000;
+ ALG_CCM = 0x06401001;
+ ALG_GCM = 0x06401002;
+ ALG_CHACHA20_POLY1305 = 0x06001005;
+ ALG_RSA_PKCS1V15_SIGN_BASE = 0x10020000;
+ ALG_RSA_PSS_BASE = 0x10030000;
+ ALG_ECDSA_BASE = 0x10060000;
+ ALG_DETERMINISTIC_ECDSA_BASE = 0x10070000;
+ ALG_RSA_PKCS1V15_CRYPT = 0x12020000;
+ ALG_RSA_OAEP_BASE = 0x12030000;
+ ALG_HKDF_BASE = 0x20000100;
+ ALG_TLS12_PRF_BASE = 0x20000200;
+ ALG_TLS12_PSK_TO_MS_BASE = 0x20000300;
+ ALG_KEY_DERIVATION_MASK = 0x0803ffff;
+ ALG_KEY_AGREEMENT_MASK = 0x10fc0000;
+ ALG_FFDH = 0x30100000;
+ ALG_ECDH = 0x30200000;
+}
+
+/* Key lifetime */
+enum KeyLifetime {
+ KEY_LIFETIME_VOLATILE = 0x00000000;
+ KEY_LIFETIME_PERSISTENT = 0x00000001;
+}
+
+/* Key usage constraints */
+enum KeyUsage {
+ KEY_USAGE_NONE = 0x00000000;
+ KEY_USAGE_EXPORT = 0x00000001;
+ KEY_USAGE_COPY = 0x00000002;
+ KEY_USAGE_ENCRYPT = 0x00000100;
+ KEY_USAGE_DECRYPT = 0x00000200;
+ KEY_USAGE_SIGN_HASH = 0x00000400;
+ KEY_USAGE_VERIFY_HASH = 0x00000800;
+ KEY_USAGE_DERIVE = 0x00001000;
+}
+
+/* Key policy to define what key can be used for */
+message KeyPolicy {
+ uint32 usage = 1;
+ uint32 alg = 2;
+}
+
+/* Key attributes object */
+message KeyAttributes {
+ uint32 type = 1;
+ uint32 key_bits = 2;
+ uint32 lifetime = 3;
+ uint32 id = 4;
+ KeyPolicy policy = 5;
+}
\ No newline at end of file
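Review bot: `KeyAttributes` and `KeyPolicy` declare `type`, `lifetime`, `usage` and `alg` as plain `uint32` although an enum for each is defined above, and no comment links a field to its enum. With `uint32` the protobuf decoder accepts any value, so range and combination checks (a base key type combined with a curve under `KEY_TYPE_ECC_CURVE_MASK`, or `usage` as an OR of `KeyUsage` bits, as the names suggest) are left entirely to the provider. I would document each field, e.g. `/* KeyType value, optionally combined with an EccCurve or DhGroup */` and `/* Bitwise OR of KeyUsage flags */`, and say in the `KeyType` and `Alg` comments that entries such as `ALG_HASH_MASK` and the `_BASE` values are masks and bases rather than selectable values. The file also ends without a final newline.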
diff --git a/protocols/service/crypto/protobuf/opcodes.proto b/protocols/service/crypto/protobuf/opcodes.proto
new file mode 100644
index 0000000..b16127e
--- /dev/null
+++ b/protocols/service/crypto/protobuf/opcodes.proto
@@ -0,0 +1,23 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+enum Opcode {
+ NOP = 0x0000;
+ GENERATE_KEY = 0x0101;
+ DESTROY_KEY = 0x0102;
+ OPEN_KEY = 0x0103;
+ CLOSE_KEY = 0x0104;
+ EXPORT_KEY = 0x0105;
+ EXPORT_PUBLIC_KEY = 0x0106;
+ IMPORT_KEY = 0x0107;
+ SIGN_HASH = 0x0108;
+ VERIFY_HASH = 0x0109;
+ ASYMMETRIC_DECRYPT = 0x010a;
+ ASYMMETRIC_ENCRYPT = 0x010b;
+ GENERATE_RANDOM = 0x010c;
+}
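Review bot: The `Opcode` values are declared without a prefix (`NOP`, `GENERATE_KEY`, ...), unlike the enums in key_attributes.proto, which use `KEY_TYPE_`, `ALG_` and similar. Protobuf enum values are scoped as siblings of their enum, so these names sit directly in the `ts_crypto` package and a later enum there could not reuse a name such as `NOP`. Prefixing them, e.g. `OPCODE_NOP = 0x0000;` and `OPCODE_GENERATE_KEY = 0x0101;`, matches the rest of the package and avoids that collision.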
diff --git a/protocols/service/crypto/protobuf/open_key.proto b/protocols/service/crypto/protobuf/open_key.proto
new file mode 100644
index 0000000..90fb2ad
--- /dev/null
+++ b/protocols/service/crypto/protobuf/open_key.proto
@@ -0,0 +1,15 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message OpenKeyIn {
+ uint32 id = 1;
+}
+
+message OpenKeyOut {
+ uint32 handle = 1;
+}
diff --git a/protocols/service/crypto/protobuf/sign_hash.proto b/protocols/service/crypto/protobuf/sign_hash.proto
new file mode 100644
index 0000000..a409008
--- /dev/null
+++ b/protocols/service/crypto/protobuf/sign_hash.proto
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message SignHashIn {
+ uint32 handle = 1;
+ uint32 alg = 2;
+ bytes hash = 3;
+}
+
+message SignHashOut {
+ bytes signature = 1;
+}
diff --git a/protocols/service/crypto/protobuf/verify_hash.proto b/protocols/service/crypto/protobuf/verify_hash.proto
new file mode 100644
index 0000000..9253d94
--- /dev/null
+++ b/protocols/service/crypto/protobuf/verify_hash.proto
@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2020, Arm Limited and Contributors. All rights reserved.
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+syntax = "proto3";
+
+package ts_crypto;
+
+message VerifyHashIn {
+ uint32 handle = 1;
+ uint32 alg = 2;
+ bytes hash = 3;
+ bytes signature = 4;
+}
+
+message VerifyHashOut {}
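Review bot: `VerifyHashOut` is empty, so the outcome of the verification is not carried in the response message at all, and since an empty proto3 message encodes to zero bytes, any empty payload decodes as a valid `VerifyHashOut`. Presumably the result is reported through the call status, which is not visible in this hunk; that should be written down here so that a client never treats a successful decode as a successful verification. A comment above the message would do, e.g. `/* Intentionally empty: the verification result is returned in the call status */`.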