Rename Mbed" to MbedCrypto

Also activate the MbedCrypto provider on the CI

Signed-off-by: Hugues de Valon <hugues.devalon@arm.com>

Author: hug-dev

Cargo.toml

@@ -72,9 +72,4 @@ mbed-crypto-provider = ["psa-crypto"]
 pkcs11-provider = ["pkcs11", "picky-asn1-der", "picky-asn1", "picky-asn1-x509"]
 tpm-provider = ["tss-esapi", "picky-asn1-der", "picky-asn1", "picky-asn1-x509"]
 all-providers = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider"]
-# The Mbed provider is not included in the docs because of 2 reasons:
-# 1) it is currently impossible for it to be built inside the docs.rs build system (as it has dependencies
-# that cannot be fulfilled)
-# 2) we are currently not expecting the mbed provider to be used in prod and hence there should be little
-# appetite for developers to understand the code.
-docs = ["pkcs11-provider", "tpm-provider", "tss-esapi/docs"]
+docs = ["pkcs11-provider", "tpm-provider", "tss-esapi/docs", "mbed-crypto-provider"]

ci.sh

@@ -151,7 +151,7 @@ else
     # It is tested in test "should_have_been_deleted".
     # This test does not make sense for the TPM provider.
     if [ "$PROVIDER_NAME" = "mbed-crypto" ]; then
-        echo "Create a fake mapping file for Mbed Provider"
+        echo "Create a fake mapping file for Mbed Crypto Provider"
         mkdir -p mappings/cm9vdA==/1
         printf '\x04\x00\x00\x00\x00\x00\x00\x00\xd8\x9e\xa3\x05\x01\x00\x00\x00' > mappings/cm9vdA==/1/VGVzdCBLZXk\=
         printf '\x09\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00' >> mappings/cm9vdA==/1/VGVzdCBLZXk\=

fuzz/config.toml

@@ -9,7 +9,7 @@ name = "on-disk-manager"
 manager_type = "OnDisk"
 
 # [[provider]]
-# provider_type = "MbedProvider"
+# provider_type = "MbedCryptoProvider"
 # key_info_manager = "on-disk-manager"
 
 [[provider]]

src/providers/mbed_provider/aead.rs renamed to src/providers/mbed_crypto_provider/aead.rs

@@ -1,14 +1,14 @@
 // Copyright 2020 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
-use super::{key_management, MbedProvider};
+use super::{key_management, MbedCryptoProvider};
 use crate::authenticators::ApplicationName;
 use crate::key_info_managers::KeyTriple;
 use parsec_interface::operations::{psa_aead_decrypt, psa_aead_encrypt};
 use parsec_interface::requests::{ProviderID, ResponseStatus, Result};
 use psa_crypto::operations::aead;
 use psa_crypto::types::key;
 
-impl MbedProvider {
+impl MbedCryptoProvider {
     pub(super) fn psa_aead_encrypt_internal(
         &self,
         app_name: ApplicationName,

src/providers/mbed_provider/asym_encryption.rs renamed to src/providers/mbed_crypto_provider/asym_encryption.rs

@@ -1,14 +1,14 @@
 // Copyright 2020 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
-use super::{key_management, MbedProvider};
+use super::{key_management, MbedCryptoProvider};
 use crate::authenticators::ApplicationName;
 use crate::key_info_managers::KeyTriple;
 use parsec_interface::operations::{psa_asymmetric_decrypt, psa_asymmetric_encrypt};
 use parsec_interface::requests::{ProviderID, ResponseStatus, Result};
 use psa_crypto::operations::asym_encryption;
 use psa_crypto::types::key;
 
-impl MbedProvider {
+impl MbedCryptoProvider {
     pub(super) fn psa_asymmetric_encrypt_internal(
         &self,
         app_name: ApplicationName,

src/providers/mbed_provider/asym_sign.rs renamed to src/providers/mbed_crypto_provider/asym_sign.rs

@@ -1,14 +1,14 @@
 // Copyright 2020 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
-use super::{key_management, MbedProvider};
+use super::{key_management, MbedCryptoProvider};
 use crate::authenticators::ApplicationName;
 use crate::key_info_managers::KeyTriple;
 use parsec_interface::operations::{psa_sign_hash, psa_verify_hash};
 use parsec_interface::requests::{ProviderID, ResponseStatus, Result};
 use psa_crypto::operations::asym_signature;
 use psa_crypto::types::key;
 
-impl MbedProvider {
+impl MbedCryptoProvider {
     pub(super) fn psa_sign_hash_internal(
         &self,
         app_name: ApplicationName,

src/providers/mbed_provider/hash.rs renamed to src/providers/mbed_crypto_provider/hash.rs

@@ -1,11 +1,11 @@
 // Copyright 2020 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
-use super::MbedProvider;
+use super::MbedCryptoProvider;
 use parsec_interface::operations::{psa_hash_compare, psa_hash_compute};
 use parsec_interface::requests::{ResponseStatus, Result};
 use psa_crypto::operations::hash;
 
-impl MbedProvider {
+impl MbedCryptoProvider {
     pub(super) fn psa_hash_compute_internal(
         &self,
         op: psa_hash_compute::Operation,

src/providers/mbed_provider/key_agreement.rs renamed to src/providers/mbed_crypto_provider/key_agreement.rs

@@ -1,6 +1,6 @@
 // Copyright 2020 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
-use super::{key_management, MbedProvider};
+use super::{key_management, MbedCryptoProvider};
 use crate::authenticators::ApplicationName;
 use crate::key_info_managers::KeyTriple;
 use parsec_interface::operations::psa_raw_key_agreement;
@@ -9,7 +9,7 @@ use parsec_interface::secrecy::Secret;
 use psa_crypto::operations::key_agreement;
 use psa_crypto::types::key;
 
-impl MbedProvider {
+impl MbedCryptoProvider {
     pub(super) fn psa_raw_key_agreement(
         &self,
         app_name: ApplicationName,

src/providers/mbed_provider/key_management.rs renamed to src/providers/mbed_crypto_provider/key_management.rs

@@ -1,6 +1,6 @@
 // Copyright 2020 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
-use super::MbedProvider;
+use super::MbedCryptoProvider;
 use crate::authenticators::ApplicationName;
 use crate::key_info_managers;
 use crate::key_info_managers::{KeyInfo, KeyTriple, ManageKeyInfo};
@@ -90,7 +90,7 @@ pub fn key_info_exists(key_triple: &KeyTriple, store_handle: &dyn ManageKeyInfo)
         .map_err(key_info_managers::to_response_status)
 }
 
-impl MbedProvider {
+impl MbedCryptoProvider {
     pub(super) fn psa_generate_key_internal(
         &self,
         app_name: ApplicationName,

src/providers/mbed_provider/mod.rs renamed to src/providers/mbed_crypto_provider/mod.rs

@@ -48,7 +48,7 @@ const SUPPORTED_OPCODES: [Opcode; 14] = [
 
 #[derive(Derivative)]
 #[derivative(Debug)]
-pub struct MbedProvider {
+pub struct MbedCryptoProvider {
     // When calling write on a reference of key_info_store, a type
     // std::sync::RwLockWriteGuard<dyn ManageKeyInfo + Send + Sync> is returned. We need to use the
     // dereference operator (*) to access the inner type dyn ManageKeyInfo + Send + Sync and then
@@ -67,33 +67,35 @@ pub struct MbedProvider {
     id_counter: AtomicU32,
 }
 
-impl MbedProvider {
-    /// Creates and initialise a new instance of MbedProvider.
-    /// Checks if there are not more keys stored in the Key Info Manager than in the MbedProvider and
+impl MbedCryptoProvider {
+    /// Creates and initialise a new instance of MbedCryptoProvider.
+    /// Checks if there are not more keys stored in the Key Info Manager than in the MbedCryptoProvider and
     /// if there, delete them. Adds Key IDs currently in use in the local IDs store.
     /// Returns `None` if the initialisation failed.
-    fn new(key_info_store: Arc<RwLock<dyn ManageKeyInfo + Send + Sync>>) -> Option<MbedProvider> {
+    fn new(
+        key_info_store: Arc<RwLock<dyn ManageKeyInfo + Send + Sync>>,
+    ) -> Option<MbedCryptoProvider> {
         // Safety: this function should be called before any of the other Mbed Crypto functions
         // are.
         if let Err(error) = psa_crypto::init() {
             format_error!("Error when initialising Mbed Crypto", error);
             return None;
         }
-        let mbed_provider = MbedProvider {
+        let mbed_crypto_provider = MbedCryptoProvider {
             key_info_store,
             key_handle_mutex: Mutex::new(()),
             id_counter: AtomicU32::new(key::PSA_KEY_ID_USER_MIN),
         };
         let mut max_key_id: key::psa_key_id_t = key::PSA_KEY_ID_USER_MIN;
         {
             // The local scope allows to drop store_handle and local_ids_handle in order to return
-            // the mbed_provider.
-            let mut store_handle = mbed_provider
+            // the mbed_crypto_provider.
+            let mut store_handle = mbed_crypto_provider
                 .key_info_store
                 .write()
                 .expect("Key store lock poisoned");
             let mut to_remove: Vec<KeyTriple> = Vec::new();
-            // Go through all MbedProvider key triple to key info mappings and check if they are still
+            // Go through all MbedCryptoProvider key triple to key info mappings and check if they are still
             // present.
             // Delete those who are not present and add to the local_store the ones present.
             match store_handle.get_all(ProviderID::MbedCrypto) {
@@ -135,12 +137,12 @@ impl MbedProvider {
                 }
             }
         }
-        mbed_provider.id_counter.store(max_key_id, Relaxed);
-        Some(mbed_provider)
+        mbed_crypto_provider.id_counter.store(max_key_id, Relaxed);
+        Some(mbed_crypto_provider)
     }
 }
 
-impl Provide for MbedProvider {
+impl Provide for MbedCryptoProvider {
     fn describe(&self) -> Result<(ProviderInfo, HashSet<Opcode>)> {
         trace!("describe ingress");
         Ok((ProviderInfo {
@@ -282,36 +284,36 @@ impl Provide for MbedProvider {
 
 #[derive(Default, Derivative)]
 #[derivative(Debug)]
-pub struct MbedProviderBuilder {
+pub struct MbedCryptoProviderBuilder {
     #[derivative(Debug = "ignore")]
     key_info_store: Option<Arc<RwLock<dyn ManageKeyInfo + Send + Sync>>>,
 }
 
-impl MbedProviderBuilder {
-    pub fn new() -> MbedProviderBuilder {
-        MbedProviderBuilder {
+impl MbedCryptoProviderBuilder {
+    pub fn new() -> MbedCryptoProviderBuilder {
+        MbedCryptoProviderBuilder {
             key_info_store: None,
         }
     }
 
     pub fn with_key_info_store(
         mut self,
         key_info_store: Arc<RwLock<dyn ManageKeyInfo + Send + Sync>>,
-    ) -> MbedProviderBuilder {
+    ) -> MbedCryptoProviderBuilder {
         self.key_info_store = Some(key_info_store);
 
         self
     }
 
-    pub fn build(self) -> std::io::Result<MbedProvider> {
-        MbedProvider::new(
+    pub fn build(self) -> std::io::Result<MbedCryptoProvider> {
+        MbedCryptoProvider::new(
             self.key_info_store
                 .ok_or_else(|| Error::new(ErrorKind::InvalidData, "missing key info store"))?,
         )
         .ok_or_else(|| {
             Error::new(
                 ErrorKind::InvalidData,
-                "Mbed Provider initialization failed",
+                "MbedCrypto Provider initialization failed",
             )
         })
     }