Libraries
Some deployments build common functionality into libraries that may be used by other deployments or external applications. The following library deployments are currently supported:
The libraries will have a build type-specific suffix added to the base name of
their binaries, allowing multiple binaries to be installed in the same tree.
(See Selecting the build type) This differentiation applies to the
Debug and DebugCoverage build types. The system integrator must choose
which single Release<XXX> build type is to be supported in the system.
Package managers and mutually exclusive release packages can be used to add
further flexibility.
libts
Userspace applications that depend on trusted services may use libts for handling service discovery and RPC messaging. A major benefit to application developers is that libts entirely decouples client applications from details of where a service provider is deployed and how to communicate with it. All TS test executables and tools that interact with service providers use libts.
To facilitate test and development within a native PC environment, the libts deployment for the linux-pc environment integrates a set of service providers into the library itself. From a client application’s perspective, this looks exactly the same as when running on a target platform with service providers deployed in secure processing environments. For more information, see: Service Locator.
Supported Environments |
|
Used by |
|
libpsats
Trusted Services implements the PSA Certified APIs. Libpsats encapsulates the service client implementations which implement this API. Linux uuser-space applications can use libpsats to easily access the PSA services implemented by the project. Libpsats depends on libts for RPC and service discovery services.
Supported Environments |
|
Used by |
|
Depends on |
|
Build and integration examples
Build as shared library:
cmake -S ./trusted-services/deployments/libpsats/linux-pc/ -B ./build
make -C build && make -C build install
Warning
Building as static library is not yet supported.
To integrate the library libts shall also be integrated. To achieve this add the listed lines to the application’s cmake files:
find_package(libpsats "1.0.0" REQUIRED PATHS "<install path>")
find_package(libts "2.0.0" REQUIRED PATHS "<install path>")
target_link_libraries(ts-demo PRIVATE libpsats::psats)
Initialization
Before calling any function from libpsats the proper part of the library has to be initialized. Before exiting the application (or when PSA services are no longer needed) the initialized parts must be deinitialized. To access the library libpsats.h must be included:
psa_status_t libpsats_init_crypto_context(const char *service_name);
void libpsats_deinit_crypto_context(void);
psa_status_t libpsats_init_attestation_context(const char *service_name);
void libpsats_deinit_attestation_context(void);
psa_status_t libpsats_init_its_context(const char *service_name);
void libpsats_deinit_its_context(void);
psa_status_t libpsats_init_ps_context(const char *service_name);
void libpsats_deinit_ps_context(void);
The example below initializes and then deinitializes crypto:
psa_status_t psa_status = libpsats_init_crypto_context("sn:trustedfirmware.org:crypto:0");
if (psa_status) {
printf("libpsats_init_crypto_context failed: %d\n", psa_status);
return PSA_ERROR_GENERIC_ERROR;
}
libpsats_deinit_crypto_context();
Known issues and Limitations
libsp
libsp provides a functional interface for using FF-A messaging and memory management facilities. libsp is used in SP deployments. For more information, see: libsp.
Supported Environments |
|
Used by |
|
Known issues and Limitations
Copyright (c) 2022-2023, Arm Limited and Contributors. All rights reserved.
SPDX-License-Identifier: BSD-3-Clause