Added provider names to the config.

This is an optional field and will default to a suitable name for each provider if it is not provided.

Two providers cannot have the same name.

Closes parallaxsecond#487

Signed-off-by: Matt Davis <[email protected]>

config.toml

@@ -101,6 +101,8 @@ manager_type = "OnDisk"
 
 # Example of an Mbed Crypto provider configuration.
 [[provider]]
+# (Optional) The name of the provider
+# name = "mbed-crypto-provider"
 # (Required) Type of provider.
 provider_type = "MbedCrypto"
 
@@ -114,6 +116,8 @@ key_info_manager = "on-disk-manager"
 
 # Example of a PKCS 11 provider configuration
 #[[provider]]
+# (Optional) The name of the provider
+# name = "pkcs11-provider"
 #provider_type = "Pkcs11"
 #key_info_manager = "on-disk-manager"
 # (Required for this provider) Path to the location of the dynamic library loaded by this provider.
@@ -134,6 +138,8 @@ key_info_manager = "on-disk-manager"
 
 # Example of a TPM provider configuration
 #[[provider]]
+# (Optional) The name of the provider
+# name = "tpm-provider"
 #provider_type = "Tpm"
 #key_info_manager = "on-disk-manager"
 # (Required) TPM TCTI device to use with this provider. The string can include configuration values - if no
@@ -160,6 +166,8 @@ key_info_manager = "on-disk-manager"
 # All below parameters depend on what devices, interfaces or parameters are required or supported by
 # "rust-cryptoauthlib" wrapper for cryptoauthlib and underlying hardware.
 #[[provider]]
+# (Optional) The name of the provider
+# name = "cryptoauthlib-provider"
 #provider_type = "CryptoAuthLib"
 #key_info_manager = "on-disk-manager"
 ##########
@@ -212,6 +220,8 @@ key_info_manager = "on-disk-manager"
 
 # Example of a Trusted Service provider configuration.
 #[[provider]]
+# (Optional) The name of the provider
+# name = "trusted-service-provider"
 # (Required) Type of provider.
 #provider_type = "TrustedService"
 

src/back/backend_handler.rs

@@ -33,6 +33,7 @@ pub struct BackEndHandler {
     provider: Arc<dyn Provide + Send + Sync>,
     #[derivative(Debug = "ignore")]
     converter: Box<dyn Convert + Send + Sync>,
+    provider_name: String,
     provider_id: ProviderId,
     content_type: BodyType,
     accept_type: BodyType,
@@ -291,6 +292,7 @@ pub struct BackEndHandlerBuilder {
     #[derivative(Debug = "ignore")]
     converter: Option<Box<dyn Convert + Send + Sync>>,
     provider_id: Option<ProviderId>,
+    provider_name: Option<String>,
     content_type: Option<BodyType>,
     accept_type: Option<BodyType>,
 }
@@ -302,6 +304,7 @@ impl BackEndHandlerBuilder {
             provider: None,
             converter: None,
             provider_id: None,
+            provider_name: None,
             content_type: None,
             accept_type: None,
         }
@@ -325,6 +328,12 @@ impl BackEndHandlerBuilder {
         self
     }
 
+    /// Set the provider name of the BackEndHandler
+    pub fn with_provider_name(mut self, provider_name: String) -> Self {
+        self.provider_name = Some(provider_name);
+        self
+    }
+
     /// Set the content type that the BackEndHandler supports
     pub fn with_content_type(mut self, content_type: BodyType) -> Self {
         self.content_type = Some(content_type);
@@ -349,6 +358,9 @@ impl BackEndHandlerBuilder {
             provider_id: self
                 .provider_id
                 .ok_or_else(|| Error::new(ErrorKind::InvalidData, "provider_id is missing"))?,
+            provider_name: self
+                .provider_name
+                .ok_or_else(|| Error::new(ErrorKind::InvalidData, "provider_name is missing"))?,
             content_type: self
                 .content_type
                 .ok_or_else(|| Error::new(ErrorKind::InvalidData, "content_type is missing"))?,

src/providers/cryptoauthlib/mod.rs

@@ -31,13 +31,20 @@ mod key_management;
 mod key_slot;
 mod key_slot_storage;
 
+// The UUID for this provider
+const PROVIDER_UUID: &str = "b8ba81e2-e9f7-4bdd-b096-a29d0019960c";
+
 /// CryptoAuthLib provider structure
 #[derive(Derivative)]
 #[derivative(Debug)]
 pub struct Provider {
     #[derivative(Debug = "ignore")]
     device: rust_cryptoauthlib::AteccDevice,
     provider_id: ProviderId,
+    // The name of the provider set in the config.
+    provider_name: String,
+    // The UUID of the provider.
+    provider_uuid: String,
     #[derivative(Debug = "ignore")]
     key_info_store: KeyInfoManagerClient,
     key_slots: KeySlotStorage,
@@ -47,6 +54,7 @@ pub struct Provider {
 impl Provider {
     /// Creates and initialises an instance of CryptoAuthLibProvider
     fn new(
+        provider_name: String,
         key_info_store: KeyInfoManagerClient,
         atca_iface: rust_cryptoauthlib::AtcaIfaceCfg,
         access_key_file_name: Option<String>,
@@ -72,6 +80,8 @@ impl Provider {
         cryptoauthlib_provider = Provider {
             device,
             provider_id: ProviderId::CryptoAuthLib,
+            provider_uuid: String::from(PROVIDER_UUID),
+            provider_name,
             key_info_store,
             key_slots: KeySlotStorage::new(),
             supported_opcodes: HashSet::new(),
@@ -228,7 +238,7 @@ impl Provide for Provider {
         trace!("describe ingress");
         Ok((ProviderInfo {
             // Assigned UUID for this provider: b8ba81e2-e9f7-4bdd-b096-a29d0019960c
-            uuid: Uuid::parse_str("b8ba81e2-e9f7-4bdd-b096-a29d0019960c").or(Err(ResponseStatus::InvalidEncoding))?,
+            uuid: Uuid::parse_str(PROVIDER_UUID).or(Err(ResponseStatus::InvalidEncoding))?,
             description: String::from("User space hardware provider, utilizing MicrochipTech CryptoAuthentication Library for ATECCx08 chips"),
             vendor: String::from("Arm"),
             version_maj: 0,
@@ -417,6 +427,7 @@ impl Provide for Provider {
 #[derive(Default, Derivative)]
 #[derivative(Debug)]
 pub struct ProviderBuilder {
+    provider_name: Option<String>,
     #[derivative(Debug = "ignore")]
     key_info_store: Option<KeyInfoManagerClient>,
     device_type: Option<String>,
@@ -433,6 +444,7 @@ impl ProviderBuilder {
     /// Create a new CryptoAuthLib builder
     pub fn new() -> ProviderBuilder {
         ProviderBuilder {
+            provider_name: None,
             key_info_store: None,
             device_type: None,
             iface_type: None,
@@ -445,6 +457,13 @@ impl ProviderBuilder {
         }
     }
 
+    /// Add a provider name
+    pub fn with_provider_name(mut self, provider_name: String) -> ProviderBuilder {
+        self.provider_name = Some(provider_name);
+
+        self
+    }
+
     /// Add a KeyInfo manager
     pub fn with_key_info_store(mut self, key_info_store: KeyInfoManagerClient) -> ProviderBuilder {
         self.key_info_store = Some(key_info_store);
@@ -556,6 +575,9 @@ impl ProviderBuilder {
             None => return Err(Error::new(ErrorKind::InvalidData, "Missing inteface type")),
         };
         Provider::new(
+            self.provider_name.ok_or_else(|| {
+                std::io::Error::new(std::io::ErrorKind::InvalidData, "missing provider name")
+            })?,
             self.key_info_store
                 .ok_or_else(|| Error::new(ErrorKind::InvalidData, "missing key info store"))?,
             iface_cfg,

src/providers/mbed_crypto/mod.rs

@@ -51,10 +51,18 @@ const SUPPORTED_OPCODES: [Opcode; 15] = [
     Opcode::PsaGenerateRandom,
 ];
 
+// The UUID for this provider
+const PROVIDER_UUID: &str = "1c1139dc-ad7c-47dc-ad6b-db6fdb466552";
+
 /// Mbed Crypto provider structure
 #[derive(Derivative)]
 #[derivative(Debug)]
 pub struct Provider {
+    // The name of the provider set in the config.
+    provider_name: String,
+    // The UUID of the provider.
+    provider_uuid: String,
+
     // When calling write on a reference of key_info_store, a type
     // std::sync::RwLockWriteGuard<dyn ManageKeyInfo + Send + Sync> is returned. We need to use the
     // dereference operator (*) to access the inner type dyn ManageKeyInfo + Send + Sync and then
@@ -78,14 +86,16 @@ impl Provider {
     /// Checks if there are not more keys stored in the Key Info Manager than in the MbedCryptoProvider and
     /// if there, delete them. Adds Key IDs currently in use in the local IDs store.
     /// Returns `None` if the initialisation failed.
-    fn new(key_info_store: KeyInfoManagerClient) -> Option<Provider> {
+    fn new(provider_name: String, key_info_store: KeyInfoManagerClient) -> Option<Provider> {
         // Safety: this function should be called before any of the other Mbed Crypto functions
         // are.
         if let Err(error) = psa_crypto::init() {
             format_error!("Error when initialising Mbed Crypto", error);
             return None;
         }
         let mbed_crypto_provider = Provider {
+            provider_name,
+            provider_uuid: String::from(PROVIDER_UUID),
             key_info_store,
             key_handle_mutex: Mutex::new(()),
             id_counter: AtomicU32::new(key::PSA_KEY_ID_USER_MIN),
@@ -149,7 +159,7 @@ impl Provide for Provider {
         trace!("describe ingress");
         Ok((ProviderInfo {
             // Assigned UUID for this provider: 1c1139dc-ad7c-47dc-ad6b-db6fdb466552
-            uuid: Uuid::parse_str("1c1139dc-ad7c-47dc-ad6b-db6fdb466552").or(Err(ResponseStatus::InvalidEncoding))?,
+            uuid: Uuid::parse_str(PROVIDER_UUID).or(Err(ResponseStatus::InvalidEncoding))?,
             description: String::from("User space software provider, based on Mbed Crypto - the reference implementation of the PSA crypto API"),
             vendor: String::from("Arm"),
             version_maj: 0,
@@ -319,6 +329,7 @@ impl Provide for Provider {
 #[derive(Default, Derivative)]
 #[derivative(Debug)]
 pub struct ProviderBuilder {
+    provider_name: Option<String>,
     #[derivative(Debug = "ignore")]
     key_info_store: Option<KeyInfoManagerClient>,
 }
@@ -327,10 +338,18 @@ impl ProviderBuilder {
     /// Create a new provider builder
     pub fn new() -> ProviderBuilder {
         ProviderBuilder {
+            provider_name: None,
             key_info_store: None,
         }
     }
 
+    /// Add a provider name
+    pub fn with_provider_name(mut self, provider_name: String) -> ProviderBuilder {
+        self.provider_name = Some(provider_name);
+
+        self
+    }
+
     /// Add a KeyInfo manager
     pub fn with_key_info_store(mut self, key_info_store: KeyInfoManagerClient) -> ProviderBuilder {
         self.key_info_store = Some(key_info_store);
@@ -341,6 +360,9 @@ impl ProviderBuilder {
     /// Build into a MbedProvider
     pub fn build(self) -> std::io::Result<Provider> {
         Provider::new(
+            self.provider_name.ok_or_else(|| {
+                std::io::Error::new(std::io::ErrorKind::InvalidData, "missing provider name")
+            })?,
             self.key_info_store
                 .ok_or_else(|| Error::new(ErrorKind::InvalidData, "missing key info store"))?,
         )

src/providers/pkcs11/mod.rs

@@ -49,6 +49,9 @@ const SUPPORTED_OPCODES: [Opcode; 8] = [
     Opcode::PsaAsymmetricEncrypt,
 ];
 
+// The UUID for this provider
+const PROVIDER_UUID: &str = "30e39502-eba6-4d60-a4af-c518b7f5e38f";
+
 /// Provider for Public Key Cryptography Standard #11
 ///
 /// Operations for this provider are serviced through a PKCS11 interface,
@@ -57,6 +60,10 @@ const SUPPORTED_OPCODES: [Opcode; 8] = [
 #[derive(Derivative)]
 #[derivative(Debug)]
 pub struct Provider {
+    // The name of the provider set in the config.
+    provider_name: String,
+    // The UUID of the provider.
+    provider_uuid: String,
     #[derivative(Debug = "ignore")]
     key_info_store: KeyInfoManagerClient,
     local_ids: RwLock<LocalIdStore>,
@@ -73,6 +80,7 @@ impl Provider {
     /// and if there are, delete them. Adds Key IDs currently in use in the local IDs store.
     /// Returns `None` if the initialisation failed.
     fn new(
+        provider_name: String,
         key_info_store: KeyInfoManagerClient,
         backend: Pkcs11,
         slot_number: Slot,
@@ -86,6 +94,8 @@ impl Provider {
 
         #[allow(clippy::mutex_atomic)]
         let pkcs11_provider = Provider {
+            provider_name,
+            provider_uuid: String::from(PROVIDER_UUID),
             key_info_store,
             local_ids: RwLock::new(HashSet::new()),
             backend,
@@ -209,8 +219,7 @@ impl Provide for Provider {
         Ok((
             ProviderInfo {
                 // Assigned UUID for this provider: 30e39502-eba6-4d60-a4af-c518b7f5e38f
-                uuid: Uuid::parse_str("30e39502-eba6-4d60-a4af-c518b7f5e38f")
-                    .or(Err(ResponseStatus::InvalidEncoding))?,
+                uuid: Uuid::parse_str(PROVIDER_UUID).or(Err(ResponseStatus::InvalidEncoding))?,
                 description: String::from(
                     "PKCS #11 provider, interfacing with a PKCS #11 library.",
                 ),
@@ -338,6 +347,7 @@ impl Provide for Provider {
 #[derive(Default, Derivative)]
 #[derivative(Debug)]
 pub struct ProviderBuilder {
+    provider_name: Option<String>,
     #[derivative(Debug = "ignore")]
     key_info_store: Option<KeyInfoManagerClient>,
     pkcs11_library_path: Option<String>,
@@ -351,6 +361,7 @@ impl ProviderBuilder {
     /// Create a new Pkcs11Provider builder
     pub fn new() -> ProviderBuilder {
         ProviderBuilder {
+            provider_name: None,
             key_info_store: None,
             pkcs11_library_path: None,
             slot_number: None,
@@ -360,6 +371,13 @@ impl ProviderBuilder {
         }
     }
 
+    /// Add a provider name
+    pub fn with_provider_name(mut self, provider_name: String) -> ProviderBuilder {
+        self.provider_name = Some(provider_name);
+
+        self
+    }
+
     /// Add a KeyInfo manager
     pub fn with_key_info_store(mut self, key_info_store: KeyInfoManagerClient) -> ProviderBuilder {
         self.key_info_store = Some(key_info_store);
@@ -442,6 +460,9 @@ impl ProviderBuilder {
             })?;
 
         Ok(Provider::new(
+            self.provider_name.ok_or_else(|| {
+                std::io::Error::new(std::io::ErrorKind::InvalidData, "missing provider name")
+            })?,
             self.key_info_store
                 .ok_or_else(|| Error::new(ErrorKind::InvalidData, "missing key info store"))?,
             backend,