Add namespaced key ids to crypto provider
To allow for partitioning of keys stored by an instance of the
crypto provider, a new namespaced_key_id type has been introduced.
Different crypto backends may have their own way or dealing with
key store partitioning or will not support it at all. For example,
mbedtls uses its own key_id type at the psa crypto API that gets
specialized for different build configurations. A crypto client
backend that just exposes the standard psa crypto API doesn't
support any form of partitioning. Functionality is unchanged
by this commit but it prepares for enabling the mbedtls key
owner facility.
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: Ia6f25caf231662bf8609b38820ea5afdb9d984c9
diff --git a/components/service/crypto/backend/crypto_backend.h b/components/service/crypto/backend/crypto_backend.h
new file mode 100644
index 0000000..ceb223a
--- /dev/null
+++ b/components/service/crypto/backend/crypto_backend.h
@@ -0,0 +1,24 @@
+/*
+ * Copyright (c) 2024, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef CRYPTO_BACKEND_H
+#define CRYPTO_BACKEND_H
+
+/**
+ * The crypto backend implements the backend interface used by a crypto
+ * provider. By default, the backend interface is the standard psa
+ * crypto api with additional functions to provide a common interface
+ * for partitioning the keystore into separate namespaces. Alternative
+ * backends can provide their own version of the interface with overridden
+ * types and keystore namespacing functions.
+ */
+#ifdef ALTERNATIVE_CRYPTO_BACKEND
+#include ALTERNATIVE_CRYPTO_BACKEND
+#else
+#include "default_psa_crypto_backend.h"
+#endif
+
+#endif /* CRYPTO_BACKEND_H */