Blame - docs/deployments/libraries.rst - TS/trusted-services

blob: 81d18cb4b54e0a1d9f386253a3db876f518cf6b6 [file] [log] [blame]

Julian Hall	5e3626f	2022-04-07 14:05:08 +0100	[diff] [blame]	1	Libraries
				2	=========
Julian Hall	4287cec	2022-04-08 09:00:48 +0100	[diff] [blame]	3	Some deployments build common functionality into libraries that may be used by
				4	other deployments or external applications. The following library deployments
				5	are currently supported:
Julian Hall	5e3626f	2022-04-07 14:05:08 +0100	[diff] [blame]	6
Gyorgy Szing	a6c95df	2022-11-25 11:15:51 +0100	[diff] [blame]	7	.. _libs-libts:
				8
Julian Hall	4287cec	2022-04-08 09:00:48 +0100	[diff] [blame]	9	libts
				10	-----
				11	Userspace applications that depend on trusted services may use libts for handling
				12	service discovery and RPC messaging. A major benefit to application developers is
				13	that libts entirely decouples client applications from details of where a service
				14	provider is deployed and how to communicate with it. All TS test executables and
				15	tools that interact with service providers use libts.
				16
				17	To facilitate test and development within a native PC environment, the libts
				18	deployment for the linux-pc environment integrates a set of service providers
				19	into the library itself. From a client application's perspective, this looks
				20	exactly the same as when running on a target platform with service providers
				21	deployed in secure processing environments. For more information, see:
				22	:ref:`Service Locator`.
				23
				24	.. list-table::
				25	:widths: 1 2
				26	:header-rows: 0
				27
				28	* - Supported Environments
				29	- * \| linux-pc - service providers integrated into library
				30	* \| arm-linux - communicates with service providers in secure processing environment
				31	* - Used by
				32	- * Userspace applications
				33
Gabor Toth	841b0b6	2023-05-22 10:28:29 +0200	[diff] [blame^]	34	.. _libs-libpsa:
				35
				36	libpsa
				37	------
				38	Trusted Services implements the `PSA Certified APIs`_. Libpsa encapsulates the service client implementations
				39	which implement this API. Linux uuser-space applications can use libpsa to easily access the PSA services
				40	implemented by the project. Libpsa depends on libts for RPC and service discovery services.
				41
				42	.. list-table::
				43	:widths: 1 2
				44	:header-rows: 0
				45
				46	* - Supported Environments
				47	- * \| linux-pc
				48	* \| arm-linux
				49	* - Used by
				50	- * Userspace applications
				51	* - Depends on
				52	- * `libts`_ library
				53
				54	Build and integration examples
				55	..............................
				56
				57	Build as shared library::
				58
				59	cmake -S ./trusted-services/deployments/libpsa/linux-pc/ -B ./build
				60	make -C build && make -C build install
				61
				62	.. warning::
				63	Building as static library is not yet supported.
				64
				65	To integrate the library libts shall also be integrated. To achieve this add the listed
				66	lines to the application's cmake files::
				67
				68	find_package(libpsa "1.0.0" REQUIRED PATHS "<install path>")
				69	find_package(libts "2.0.0" REQUIRED PATHS "<install path>")
				70	target_link_libraries(ts-demo PRIVATE libpsa::psa)
				71
				72	Initialization
				73	..............
				74
				75	Before calling any function from libpsa the proper part of the library has to be initialized.
				76	Before exiting the application (or when PSA services are no longer needed) the initialized
				77	parts must be deinitialized. To access the library libpsa.h must be included::
				78
				79	psa_status_t libpsa_init_crypto_context(const char *service_name);
				80	void libpsa_deinit_crypto_context(void);
				81
				82	psa_status_t libpsa_init_attestation_context(const char *service_name);
				83	void libpsa_deinit_attestation_context(void);
				84
				85	psa_status_t libpsa_init_its_context(const char *service_name);
				86	void libpsa_deinit_its_context(void);
				87
				88	psa_status_t libpsa_init_ps_context(const char *service_name);
				89	void libpsa_deinit_ps_context(void);
				90
				91	The example below initializes and then deinitializes crypto::
				92
				93	psa_status_t psa_status = libpsa_init_crypto_context("sn:trustedfirmware.org:crypto:0");
				94	if (psa_status) {
				95	printf("libpsa_init_crypto_context failed: %d\n", psa_status);
				96	return PSA_ERROR_GENERIC_ERROR;
				97	}
				98
				99	libpsa_deinit_crypto_context();
				100
				101	Known issues and Limitations
				102	............................
				103
				104	\| The library is single client.
				105	\| The library is not thread safe.
				106	\| Only linux user-space is supported currently.
				107
Gyorgy Szing	a6c95df	2022-11-25 11:15:51 +0100	[diff] [blame]	108	.. _libs-libsp:
				109
Julian Hall	4287cec	2022-04-08 09:00:48 +0100	[diff] [blame]	110	libsp
				111	-----
				112	libsp provides a functional interface for using FF-A messaging and memory
				113	management facilities. libsp is used in SP deployments. For more information, see:
				114	:ref:`libsp`.
				115
				116	.. list-table::
				117	:widths: 1 2
				118	:header-rows: 0
				119
				120	* - Supported Environments
				121	- * \| opteesp
				122	* - Used by
				123	- * Secure partitions
Julian Hall	5e3626f	2022-04-07 14:05:08 +0100	[diff] [blame]	124
Gabor Toth	841b0b6	2023-05-22 10:28:29 +0200	[diff] [blame^]	125	Known issues and Limitations
				126	............................
				127
				128	\| The library is single client.
				129	\| The library is not thread safe.
				130	\| Only linux user-space is supported currently.
				131
Julian Hall	5e3626f	2022-04-07 14:05:08 +0100	[diff] [blame]	132	--------------
				133
Gabor Toth	841b0b6	2023-05-22 10:28:29 +0200	[diff] [blame^]	134	.. _`PSA Certified APIs`: https://arm-software.github.io/psa-api/
				135
				136	Copyright (c) 2022-2023, Arm Limited and Contributors. All rights reserved.
Julian Hall	5e3626f	2022-04-07 14:05:08 +0100	[diff] [blame]	137
				138	SPDX-License-Identifier: BSD-3-Clause