/// </summary>
public class LoginMethod
{
- public const uint Public = 0x00000000; ///< No login data is provided.
- public const uint User = 0x00000001; ///< Login data about the user running the Client Application process is provided.
- public const uint Group = 0x00000002; ///< Login data about the group running the Client Application process is provided.
- public const uint Application = 0x00000003; ///< Login data about the running Client Application itself is provided.
+ /// <summary>No login data is provided.</summary>
+ public const uint Public = 0x00000000;
+ /// <summary>Login data about the user running the Client Application process is provided.</summary>
+ public const uint User = 0x00000001;
+ /// <summary>Login data about the group running the Client Application process is provided.</summary>
+ public const uint Group = 0x00000002;
+ /// <summary>Login data about the running Client Application itself is provided.</summary>
+ public const uint Application = 0x00000003;
}
/// <summary>
/// </summary>
public enum TEFValueType : UInt32
{
- Input = 0x00000001, ///< The Parameter is a TEFValueType tagged as input.
- Output = 0x00000002, ///< The Parameter is a TEFValueType tagged as output.
- InOut = 0x00000003, ///< The Parameter is a TEFValueType tagged as both as input and output.
+ /// <summary>The Parameter is a ValueType tagged as input.</summary>
+ Input = 0x00000001,
+ /// <summary>The Parameter is a ValueType tagged as output.</summary>
+ Output = 0x00000002,
+ /// <summary>The Parameter is a ValueType tagged as both as input and output.</summary>
+ InOut = 0x00000003,
}
/// <summary>
/// </summary>
public enum TEFTempMemoryType : UInt32
{
- Input = 0x00000005, ///< The Parameter is a TEFTempMemoryType and is tagged as input
- Output = 0x00000006, ///< Same as Input, but the Memory Reference is tagged as output
- InOut = 0x00000007, ///< A Temporary Memory Reference tagged as both input and output.
+ /// <summary>The Parameter is a TempMemoryType and is tagged as input.</summary>
+ Input = 0x00000005,
+ /// <summary>Same as Input, but the Memory Reference is tagged as output.</summary>
+ Output = 0x00000006,
+ /// <summary>A Temporary Memory Reference tagged as both input and output.</summary>
+ InOut = 0x00000007,
}
/// <summary>
/// </summary>
public enum TEFRegisteredMemoryType : UInt32
{
- Whole = 0x0000000C, ///< The Parameter is a Registered Memory Reference that refers to the entirety of its parent Shared Memory block.
- PartialInput = 0x0000000D, ///< A Registered Memory Reference structure that refers to a partial region of its parent Shared Memory block and is tagged as input.
- PartialOutput = 0x0000000E, ///< A Registered Memory Reference structure that refers to a partial region of its parent Shared Memory block and is tagged as output.
- PartialInOut = 0x0000000F, ///< A Registered Memory Reference structure that refers to a partial region of its parent Shared Memory block and is tagged as both input and output
+ /// <summary>The Parameter is a Registered Memory Reference that refers to the entirety of its parent Shared Memory block.</summary>
+ Whole = 0x0000000C,
+ /// <summary>A Registered Memory Reference structure that refers to a partial region of its parent Shared Memory block and is tagged as input.</summary>
+ PartialInput = 0x0000000D,
+ /// <summary>A Registered Memory Reference structure that refers to a partial region of its parent Shared Memory block and is tagged as output.</summary>
+ PartialOutput = 0x0000000E,
+ /// <summary>A Registered Memory Reference structure that refers to a partial region of its parent Shared Memory block and is tagged as both input and output.</summary>
+ PartialInOut = 0x0000000F,
}
/// <summary>
[Flags]
public enum SharedMemoryFlags : UInt32
{
- Input = 0x00000001, ///< A flag indicates Shared Memory can be read
- Output = 0x00000002, ///< A flag indicates Shared Memory can be written
+ /// <summary>A flag indicates Shared Memory can be read.</summary>
+ Input = 0x00000001,
+ /// <summary>A flag indicates Shared Memory can be written.</summary>
+ Output = 0x00000002,
}
/// <summary>
/// There can be up to four Parameter objects given in the {paramlist} array
/// </summary>
/// <param name="destination">The UUID of destination TA</param>
- /// <param name="loginMethod">The authentication algorithm @see LoginMethod</param>
+ /// <param name="loginMethod">The authentication algorithm <see cref="LoginMethod" /></param>
/// <param name="connectionData">The data to be verified by given login method</param>
/// <param name="paramlist">The parameters to be passed to TA open-session-callback</param>
public Session OpenSession(Guid destination, uint loginMethod, byte[] connectionData, Parameter[] paramlist)
/// @see OpenSession(Guid destination, uint connectionMethod, byte[] connectionData, Parameter[] paramlist, CancellationToken token)
/// </summary>
/// <param name="destination">The UUID of destination TA</param>
- /// <param name="loginMethod">The authentication algorithm @see LoginMethod</param>
+ /// <param name="loginMethod">The authentication algorithm <see cref="LoginMethod" /></param>
/// <param name="connectionData">The data to be verified by given login method</param>
/// <param name="paramlist">The parameters to be passed to TA open-session-callback</param>
/// <param name="token">The token for task manipulation</param>
/// <summary>
/// This function registers a block of existing Client Application memory as a block of Shared Memory within
/// the scope of the specified Context, in accordance with the parameters.
- /// The input {memaddr} MUST point to the shared memory region to register
+ /// The input <paramref name="memaddr"/> MUST point to the shared memory region to register
/// </summary>
/// <param name="memaddr">The address of shared memory</param>
/// <param name="size">The size of shared memory</param>
--- /dev/null
+/**
+<summary>
+The communication API for connecting Client Applications running in a rich operating environment
+with security related Trusted Applications running inside a Trusted Execution Environment (TEE).
+</summary>
+
+<remarks>
+<h2>Overview</h2>
+<para>
+A TEE provides an execution environment with security capabilities, which are either available to Trusted Applications
+running inside the TEE or exposed externally to Client Applications.
+The TEE Client API concentrates on the interface to enable efficient communications between
+a Client Application and a Trusted Application running inside the TEE.
+Higher level standards and protocol layers may be built on top of the foundation
+provided by the TEE Client API – for example, to cover common tasks such as secure storage,
+cryptography, and run-time installation of new Trusted Applications.
+The separation between the rich environment and the TEE is guaranted.
+</para>
+<para>
+The key design principles of the TEE Client API are:
+<list type="bullet">
+<item>
+ <term>Client-side memory allocations</term>
+ <description>
+ Where possible the design of the TEE Client API has placed the responsibility for memory
+ allocation on the calling Client Application code. This gives the Client developer choice of
+ memory allocation locations, enabling simple optimizations such as stack-based allocation
+ or enhanced flexibility using placements in static global memory or thread-local storage.<br />
+ This design choice is evident in the API by the use of pointers to structures rather than
+ opaque handles to represent any manipulated objects.
+ </description>
+</item>
+<item>
+ <term>Aim for zero-copy data transfer</term>
+ <description>
+ The features of the TEE Client API are chosen to maximize the possibility of zero-copy
+ data transfer between the Client Application and the Trusted Application.<br />
+ However, short messages can also be passed by copy, which avoids the overhead of
+ sharing memory.
+ </description>
+</item>
+<item>
+ <term>Support memory sharing by pointers</term>
+ <description>
+ The TEE Client API will be used to implement higher-level APIs, such as cryptography or
+ secure storage, where the caller will often provide memory buffers for input or output data
+ using simple C pointers. The TEE Client API must allow efficient sharing of this type of
+ memory, and as such does not rely on the Client Application being able to use bulk
+ memory buffers allocated by the TEE Client API.
+ </description>
+</item>
+<item>
+ <term>Specify only communication mechanisms</term>
+ <description>
+ This API focuses on defining the underlying communications channel. It does not define
+ the format of the messages which pass over the channel, or the protocols used by specific
+ Trusted Applications.
+ </description>
+</item>
+
+</list>
+</para>
+</remarks>
+
+<example>
+The following example demonstrates how to invoke command on Trused Application.
+<code>
+ Guid ta_uuid = new Guid("TA-guid-put-here");
+ Context ctx = new Context(null);
+ Session ses = ctx.OpenSession(ta_uuid);
+ Parameter[] p = { new Value(1,2,TEFValueType.In) };
+ ses.InvokeCommand(1, p);
+ ses.Close();
+ ctx.Dispose();
+</code>
+</example>
+*/
+namespace Tizen.Security.TEEC {}
projects / platform / core / csapi / tizenfx.git / commitdiff