Specification of Cryptography

AUTOSAR AP R22-11

4
Description: Signature container interface This interface is applicable for keeping the Digital Signature, Hash
Digest, (Hash-based) Message Authentication Code (MAC/HMAC). In case of a keyed
signature (Digital Signature or MAC/HMAC) a COUID of the signature verification key can be
obtained by a call of CryptoObject::HasDependence()!

c(RS_CRYPTO_02203, RS_CRYPTO_02204, RS_CRYPTO_02205)

[SWS_CRYPT_23500]{DRAFT} d
Kind: class
Symbol: SignerPrivateCtx
Scope: namespace ara::crypto::cryp
Base class: CryptoContext
Syntax: class ara::crypto::cryp::SignerPrivateCtx : public CryptoContext
{...};
Header file: #include "ara/crypto/cryp/signer_private_ctx.h"
Description: Signature Private key Context interface.

c(RS_CRYPTO_02204)
[SWS_CRYPT_23600]{DRAFT} d
Kind: class
Symbol: StreamCipherCtx
Scope: namespace ara::crypto::cryp
Base class: CryptoContext
Syntax: class ara::crypto::cryp::StreamCipherCtx : public CryptoContext
{...};
Header file: #include "ara/crypto/cryp/stream_cipher_ctx.h"
Description: Generalized Stream Cipher Context interface (it covers all modes of operation).

c(RS_CRYPTO_02201)
[SWS_CRYPT_23700]{DRAFT} d
Kind: class
Symbol: SymmetricBlockCipherCtx
Scope: namespace ara::crypto::cryp
Base class: CryptoContext
Syntax: class ara::crypto::cryp::SymmetricBlockCipherCtx : public Crypto
Context {...};
Header file: #include "ara/crypto/cryp/symmetric_block_cipher_ctx.h"
Description: Interface of a Symmetric Block Cipher Context with padding.

c(RS_CRYPTO_02201)

121 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_23800]{DRAFT} d
Kind: class
Symbol: SymmetricKey
Scope: namespace ara::crypto::cryp
Base class: RestrictedUseObject
Syntax: class ara::crypto::cryp::SymmetricKey : public RestrictedUseObject
{...};
Header file: #include "ara/crypto/cryp/cryobj/symmetric_key.h"
Description: Symmetric Key interface.

c(RS_CRYPTO_02001, RS_CRYPTO_02403)
[SWS_CRYPT_24000]{DRAFT} d
Kind: class
Symbol: SymmetricKeyWrapperCtx
Scope: namespace ara::crypto::cryp
Base class: CryptoContext
Syntax: class ara::crypto::cryp::SymmetricKeyWrapperCtx : public Crypto
Context {...};
Header file: #include "ara/crypto/cryp/symmetric_key_wrapper_ctx.h"
Description: Context of a symmetric key wrap algorithm (for AES it should be compatible with RFC3394 or
RFC5649). The public interface of this context is dedicated for raw key material wrapping/
unwrapping, i.e. without any meta-information assigned to the key material in source crypto
object. But additionally this context type should support some "hidden" low-level methods
suitable for whole crypto object exporting/importing. Key Wrapping of a whole crypto object
(including associated meta-information) can be done by methods: ExportSecuredObject() and
ImportSecuredObject(), but without compliance to RFC3394 or RFC5649.

c(RS_CRYPTO_02104, RS_CRYPTO_02208)
[SWS_CRYPT_24100]{DRAFT} d
Kind: class
Symbol: VerifierPublicCtx
Scope: namespace ara::crypto::cryp
Base class: CryptoContext
Syntax: class ara::crypto::cryp::VerifierPublicCtx : public CryptoContext
{...};
Header file: #include "ara/crypto/cryp/verifier_public_ctx.h"
Description: Signature Verification Public key Context interface.

c(RS_CRYPTO_02204)
[SWS_CRYPT_20319]{DRAFT} d
Kind: function
Symbol: Check(const Signature &expected)
Scope: class ara::crypto::cryp::AuthCipherCtx
5

122 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Syntax: virtual ara::core::Result<bool> ara::crypto::cryp::AuthCipher
Ctx::Check (const Signature &expected) const noexcept=0;
Parameters (in): expected the signature object containing an expected digest
value
Return value: ara::core::Result< bool > true if value and meta-information of the provided
"signature" object is identical to calculated digest
and current configuration of the context respectively;
but false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not finished by a call of
Finished the Finish() method
CryptoErrorDomain::kIncompatible if the provided "signature" object was produced by
Object another crypto primitive type
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Check the calculated digest against an expected "signature" object. Entire digest value is kept
in the context up to next call Start(), therefore it can be verified again or extracted. This method
can be implemented as "inline" after standartization of function ara::core::memcmp().

c(RS_CRYPTO_02203, RS_CRYPTO_02204)
[SWS_CRYPT_20102]{DRAFT} d
Kind: function
Symbol: GetDigestService()
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual DigestService::Uptr ara::crypto::cryp::AuthCipherCtx::Get
DigestService () const noexcept=0;
Return value: DigestService::Uptr –
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Get DigestService instance.

c(RS_CRYPTO_02006)
[SWS_CRYPT_20316]{DRAFT} d
Kind: function
Symbol: GetDigest(std::size_t offset=0)
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::cryp::AuthCipherCtx::GetDigest (std::size_t offset=0)
const noexcept=0;
Parameters (in): offset position of the first byte of digest that should be
placed to the output buffer
Return value: ara::core::Result< ara::core::Vector< an output buffer storing the requested digest
ara::core::Byte > > fragment or the full digest
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not finished by a call of
Finished the Finish() method
5

123 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
CryptoErrorDomain::kUsageViolation if the buffered digest belongs to a MAC/HMAC/AE/
AEAD context initialized by a key without kAllow
Signature permission
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Retrieve the calculated digest. The entire digest value is kept in the context until the next call of
Start(). Therefore, the digest can be re-checked or extracted at any time. If the offset is larger
than the digest, an empty buffer shall be returned. This method can be implemented as "inline"
after standardization of function ara::core::memcpy().

c(RS_CRYPTO_02207)
[SWS_CRYPT_21715]{DRAFT} d
Kind: function
Symbol: GetTransformation()
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<CryptoTransform> ara::crypto::cryp::Auth
CipherCtx::GetTransformation () const noexcept=0;
Return value: ara::core::Result< CryptoTransform > CryptoTransform
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUninitialized if the transformation direction of this context is
Context configurable during an initialization, but the context
was not initialized yet
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Get the kind of transformation configured for this context: kEncrypt or kDecrypt.

c(RS_CRYPTO_02309)
[SWS_CRYPT_20103]{DRAFT} d
Kind: function
Symbol: GetMaxAssociatedDataSize()
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual std::uint64_t ara::crypto::cryp::AuthCipherCtx::GetMax
AssociatedDataSize () const noexcept=0;
Return value: std::uint64_t maximal supported size of associated public data in
bytes
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Get maximal supported size of associated public data.

c(RS_CRYPTO_02309)
[SWS_CRYPT_23634]{DRAFT} d
Kind: function
Symbol: ProcessConfidentialData(ReadOnlyMemRegion in, ara::core::Optional< ReadOnlyMemRegion
> expectedTag)
5

124 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::cryp::AuthCipherCtx::ProcessConfidentialData (ReadOnlyMem
Region in, ara::core::Optional< ReadOnlyMemRegion > expectedTag)
noexcept=0;
Parameters (in): in the input buffer containing the full message
expectedTag optional pointer to read only mem region containing
the auth-tag for verification.
Return value: ara::core::Result< ara::core::Vector< the processed data
ara::core::Byte > >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidInputSize if size of the input buffer is not divisible by the block
size (see GetBlockSize())
CryptoErrorDomain::kProcessingNot if the data processing was not started by a call of the
Started Start() method
CryptoErrorDomain::kAuthTagNotValid if the processed data cannot be authenticated
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Process confidential data and return result. The input buffer will be overwritten by the
processed message. This function is the final call, i.e. all associated data must have been
already provided. Hence, the function will check the authentication tag and only return the
processed data, if the tag is valid.

c(RS_CRYPTO_02302)
[SWS_CRYPT_23635]{DRAFT} d
Kind: function
Symbol: ProcessConfidentialData(ReadWriteMemRegion inOut, ara::core::Optional< ReadOnlyMem
Region > expectedTag)
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::AuthCipher
Ctx::ProcessConfidentialData (ReadWriteMemRegion inOut,
ara::core::Optional< ReadOnlyMemRegion > expectedTag) noexcept=0;
Parameters (in): inOut the input buffer containing the full message
expectedTag optional pointer to read only mem region containing
the auth-tag for verification.
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidInputSize if size of the input buffer is not divisible by the block
size (see GetBlockSize())
CryptoErrorDomain::kProcessingNot if the data processing was not started by a call of the
Started Start() method
CryptoErrorDomain::kAuthTagNotValid if the processed data cannot be authenticated
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Process confidential data and update the input buffer with the processed message. The input
buffer will be overwritten by the processed message After this method is called no additional
associated data may be updated.

c(RS_CRYPTO_02302)

125 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20414]{DRAFT} d
Kind: function
Symbol: Reset()
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::AuthCipher
Ctx::Reset () noexcept=0;
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Clear the crypto context. .

c(RS_CRYPTO_02108)
[SWS_CRYPT_23911]{DRAFT} d
Kind: function
Symbol: SetKey(const SymmetricKey &key, CryptoTransform transform=CryptoTransform::kEncrypt)
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::AuthCipherCtx::Set
Key (const SymmetricKey &key, CryptoTransform transform=Crypto
Transform::kEncrypt) noexcept=0;
Parameters (in): key the source key object
transform the "direction" indicator: deploy the key for
encryption (if true) or for decryption (if false)
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kIncompatible if the provided key object is incompatible with this
Object symmetric key context
CryptoErrorDomain::kUsageViolation if the transformation type associated with this
context (taking into account the direction specified
by transform) is prohibited by the "allowed usage"
restrictions of provided key object
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Set (deploy) a key to the authenticated cipher symmetric algorithm context.

c(RS_CRYPTO_02001, RS_CRYPTO_02003)
[SWS_CRYPT_24714]{DRAFT} d
Kind: function
Symbol: Start(ReadOnlyMemRegion iv=ReadOnlyMemRegion())
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::AuthCipher
Ctx::Start (ReadOnlyMemRegion iv=ReadOnlyMemRegion()) noexcept=0;
Parameters (in): iv an optional Initialization Vector (IV) or "nonce" value
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
5

126 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Errors: CryptoErrorDomain::kUninitialized if the context was not initialized
Context
CryptoErrorDomain::kInvalidInputSize if the size of provided IV is not supported (i.e. if it is
not enough for the initialization)
CryptoErrorDomain::kUnsupported if the base algorithm (or its current implementation)
principally doesn’t support the IV variation, but
provided IV value is not empty, i.e. if (iv.empty() ==
false)
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Initialize the context for a new data processing or generation (depending from the primitive). If
IV size is greater than maximally supported by the algorithm then an implementation may use
the leading bytes only from the sequence.

c(RS_CRYPTO_02302)
[SWS_CRYPT_24715]{DRAFT} d
Kind: function
Symbol: Start(const SecretSeed &iv)
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::AuthCipher
Ctx::Start (const SecretSeed &iv) noexcept=0;
Parameters (in): iv the Initialization Vector (IV) or "nonce" object
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUninitialized if the context was not initialized
Context
CryptoErrorDomain::kInvalidInputSize if the size of provided IV is not supported (i.e. if it is
not enough for the initialization)
CryptoErrorDomain::kUnsupported if the base algorithm (or its current implementation)
principally doesn’t support the IV variation
CryptoErrorDomain::kUsageViolation if this transformation type is prohibited by the
"allowed usage" restrictions of the provided Secret
Seed object
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Initialize the context for a new data processing or generation (depending from the primitive). If
IV size is greater than maximally supported by the algorithm then an implementation may use
the leading bytes only from the sequence.

c(RS_CRYPTO_02302)
[SWS_CRYPT_20312]{DRAFT} d
Kind: function
Symbol: UpdateAssociatedData(const RestrictedUseObject &in)
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::AuthCipher
Ctx::UpdateAssociatedData (const RestrictedUseObject &in) noexcept=0;
Parameters (in): in a part of input message that should be processed
Return value: ara::core::Result< void > –
5

127 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not initiated by a call of
Started the Start() method
CryptoErrorDomain::kInvalidUsage if ProcessConfidentialData has already been called
Order
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Update the digest calculation by the specified RestrictedUseObject. This method is dedicated
for cases then the RestrictedUseObject is a part of the "message".

c(RS_CRYPTO_02302)
[SWS_CRYPT_20313]{DRAFT} d
Kind: function
Symbol: UpdateAssociatedData(ReadOnlyMemRegion in)
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::AuthCipher
Ctx::UpdateAssociatedData (ReadOnlyMemRegion in) noexcept=0;
Parameters (in): in a part of the input message that should be
processed
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not initiated by a call of
Started the Start() method
CryptoErrorDomain::kInvalidUsage if ProcessConfidentialData has already been called
Order
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Update the digest calculation by a new chunk of associated data.

c(RS_CRYPTO_02302)
[SWS_CRYPT_20314]{DRAFT} d
Kind: function
Symbol: UpdateAssociatedData(std::uint8_t in)
Scope: class ara::crypto::cryp::AuthCipherCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::AuthCipher
Ctx::UpdateAssociatedData (std::uint8_t in) noexcept=0;
Parameters (in): in a byte value that is a part of input message
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not initiated by a call of
Started the Start() method
CryptoErrorDomain::kInvalidUsage if ProcessConfidentialData has already been called
Order
Header file: #include "ara/crypto/cryp/auth_cipher_ctx.h"
Description: Update the digest calculation by the specified Byte. This method is convenient for processing of
constant tags.

128 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

c(RS_CRYPTO_02302)
[SWS_CRYPT_29035]{DRAFT} d
Kind: function
Symbol: GetActualIvBitLength(ara::core::Optional< CryptoObjectUid > ivUid)
Scope: class ara::crypto::cryp::BlockService
Syntax: virtual std::size_t ara::crypto::cryp::BlockService::GetActualIvBit
Length (ara::core::Optional< CryptoObjectUid > ivUid) const
noexcept=0;
Parameters (in): ivUid optional pointer to a buffer for saving an COUID of a
IV object now loaded to the context. If the context
was initialized by a SecretSeed object then the
output buffer *ivUid must be filled by COUID of this
loaded IV object, in other cases *ivUid must be filled
by all zeros.
Return value: std::size_t actual length of the IV (now set to the algorithm
context) in bits
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/block_service.h"
Description: Get actual bit-length of an IV loaded to the context.

c(RS_CRYPTO_02309)
[SWS_CRYPT_29033]{DRAFT} d
Kind: function
Symbol: GetBlockSize()
Scope: class ara::crypto::cryp::BlockService
Syntax: virtual std::size_t ara::crypto::cryp::BlockService::GetBlockSize ()
const noexcept=0;
Return value: std::size_t size of the block in bytes
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/block_service.h"
Description: Get block (or internal buffer) size of the base algorithm.

c(RS_CRYPTO_02309)
[SWS_CRYPT_29032]{DRAFT} d
Kind: function
Symbol: GetIvSize()
Scope: class ara::crypto::cryp::BlockService
Syntax: virtual std::size_t ara::crypto::cryp::BlockService::GetIvSize ()
const noexcept=0;
Return value: std::size_t default expected size of IV in bytes
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/block_service.h"
Description: Get default expected size of the Initialization Vector (IV) or nonce.

c(RS_CRYPTO_02309)

129 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_29034]{DRAFT} d
Kind: function
Symbol: IsValidIvSize(std::size_t ivSize)
Scope: class ara::crypto::cryp::BlockService
Syntax: virtual bool ara::crypto::cryp::BlockService::IsValidIvSize
(std::size_t ivSize) const noexcept=0;
Parameters (in): ivSize the length of the IV in bytes
Return value: bool true if provided IV length is supported by the
algorithm and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/block_service.h"
Description: Verify validity of specific Initialization Vector (IV) length.

c(RS_CRYPTO_02309)
[SWS_CRYPT_20401]{DRAFT} d
Kind: function
Symbol: ~CryptoContext()
Scope: class ara::crypto::cryp::CryptoContext
Syntax: virtual ara::crypto::cryp::CryptoContext::~CryptoContext ()
noexcept=default;
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/crypto_context.h"
Description: Destructor.

c(RS_CRYPTO_02008)
[SWS_CRYPT_20411]{DRAFT} d
Kind: function
Symbol: GetCryptoPrimitiveId()
Scope: class ara::crypto::cryp::CryptoContext
Syntax: virtual CryptoPrimitiveId::Uptr ara::crypto::cryp::CryptoContext::Get
CryptoPrimitiveId () const noexcept=0;
Return value: CryptoPrimitiveId::Uptr –
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/crypto_context.h"
Description: Return CryptoPrimitivId instance containing instance identification.

c(RS_CRYPTO_02008)
[SWS_CRYPT_20412]{DRAFT} d
Kind: function
Symbol: IsInitialized()
Scope: class ara::crypto::cryp::CryptoContext
5

130 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Syntax: virtual bool ara::crypto::cryp::CryptoContext::IsInitialized () const
noexcept=0;
Return value: bool true if the crypto context is completely initialized and
ready to use, and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/crypto_context.h"
Description: Check if the crypto context is already initialized and ready to use. It checks all required values,
including: key value, IV/seed, etc.

c(RS_CRYPTO_02309)
[SWS_CRYPT_30214]{DRAFT} d
Kind: function
Symbol: operator=(const CryptoContext &other)
Scope: class ara::crypto::cryp::CryptoContext
Syntax: CryptoContext& ara::crypto::cryp::CryptoContext::operator= (const
CryptoContext &other)=default;
Parameters (in): other the other instance
Return value: CryptoContext & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/crypto_context.h"
Description: Copy-assign another CryptoContext to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_30215]{DRAFT} d
Kind: function
Symbol: operator=(CryptoContext &&other)
Scope: class ara::crypto::cryp::CryptoContext
Syntax: CryptoContext& ara::crypto::cryp::CryptoContext::operator= (Crypto
Context &&other)=default;
Parameters (in): other the other instance
Return value: CryptoContext & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/crypto_context.h"
Description: Move-assign another CryptoContext to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_20654]{DRAFT} d
Kind: function
Symbol: MyProvider()
Scope: class ara::crypto::cryp::CryptoContext
Syntax: virtual CryptoProvider& ara::crypto::cryp::CryptoContext::MyProvider
() const noexcept=0;
Return value: CryptoProvider & a reference to Crypto Provider instance that
provides this context
5

131 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/crypto_context.h"
Description: Get a reference to Crypto Provider of this context.

c(RS_CRYPTO_02401)
[SWS_CRYPT_20503]{DRAFT} d
Kind: function
Symbol: ~CryptoObject()
Scope: class ara::crypto::cryp::CryptoObject
Syntax: virtual ara::crypto::cryp::CryptoObject::~CryptoObject ()
noexcept=default;
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Destructor.

c(RS_CRYPTO_02005)
[SWS_CRYPT_20518]{DRAFT} d
Kind: function
Symbol: Downcast(CryptoObject::Uptrc &&object)
Scope: class ara::crypto::cryp::CryptoObject
Syntax: template <class ConcreteObject>
static ara::core::Result<typename ConcreteObject::Uptrc>
ara::crypto::cryp::CryptoObject::Downcast (CryptoObject::Uptrc
&&object) noexcept;
Template param: ConcreteObject target type (derived from CryptoObject) for
downcasting
Parameters (in): object unique smart pointer to the constant generic Crypto
Object interface
Return value: ara::core::Result< typename Concrete unique smart pointer to downcasted constant
Object::Uptrc > interface of specified derived type
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kBadObjectType if an actual type of the object is not the specified
ConcreteObject
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Downcast and move unique smart pointer from the generic CryptoObject interface to concrete
derived object.

c(RS_CRYPTO_02005)
[SWS_CRYPT_20505]{DRAFT} d
Kind: function
Symbol: GetCryptoPrimitiveId()
Scope: class ara::crypto::cryp::CryptoObject
5

132 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Syntax: virtual CryptoPrimitiveId::Uptr ara::crypto::cryp::CryptoObject::Get
CryptoPrimitiveId () const noexcept=0;
Return value: CryptoPrimitiveId::Uptr –
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Return the CryptoPrimitivId of this CryptoObject.

c(RS_CRYPTO_02005)
[SWS_CRYPT_20514]{DRAFT} d
Kind: function
Symbol: GetObjectId()
Scope: class ara::crypto::cryp::CryptoObject
Syntax: virtual COIdentifier ara::crypto::cryp::CryptoObject::GetObjectId ()
const noexcept=0;
Return value: COIdentifier the object’s COIdentifier including the object’s type
and COUID (or an empty COUID, if this object is not
identifiable).
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Return the object’s COIdentifier, which includes the object’s type and UID. An object that has no
assigned COUID cannot be (securely) serialized / exported or saved to a non-volatile storage.
An object should not have a COUID if it is session and non-exportable simultaneously A few
related objects of different types can share a single COUID (e.g. private and public keys), but a
combination of COUID and object type must be unique always!

c(RS_CRYPTO_02005)
[SWS_CRYPT_20516]{DRAFT} d
Kind: function
Symbol: GetPayloadSize()
Scope: class ara::crypto::cryp::CryptoObject
Syntax: virtual std::size_t ara::crypto::cryp::CryptoObject::GetPayloadSize ()
const noexcept=0;
Return value: std::size_t size in bytes of the object’s payload required for its
storage
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Return actual size of the object’s payload. Returned value always must be less than or equal to
the maximum payload size expected for this primitive and object type, it is available via call: My
Provider().GetPayloadStorageSize(GetObjectType(), GetPrimitiveId()).Value(); Returned value
does not take into account the object’s meta-information properties, but their size is fixed and
common for all crypto objects independently from their actual type. During an allocation of a
TrustedContainer, Crypto Providers (and Key Storage Providers) reserve space for an object’s
meta-information automatically, according to their implementation details.

c(RS_CRYPTO_02309)

133 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20515]{DRAFT} d
Kind: function
Symbol: HasDependence()
Scope: class ara::crypto::cryp::CryptoObject
Syntax: virtual COIdentifier ara::crypto::cryp::CryptoObject::HasDependence ()
const noexcept=0;
Return value: COIdentifier target COIdentifier of the existing dependence or
CryptoObjectType::kUnknown and empty COUID, if
the current object does not depend on another
CryptoObject
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Return the COIdentifier of the CryptoObject that this CryptoObject depends on. For signatures
objects this method must return a reference to correspondent signature verification public key!
Unambiguous identification of a CryptoObject requires both components: CryptoObjectUid and
CryptoObjectType.

c(RS_CRYPTO_02005)
[SWS_CRYPT_20513]{DRAFT} d
Kind: function
Symbol: IsExportable()
Scope: class ara::crypto::cryp::CryptoObject
Syntax: virtual bool ara::crypto::cryp::CryptoObject::IsExportable () const
noexcept=0;
Return value: bool true if the object is exportable (i.e. if it can be
exported outside the trusted environment of the
Crypto Provider)
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Get the exportability attribute of the crypto object. An exportable object must have an assigned
COUID (see GetObjectId()).

c(RS_CRYPTO_02005)
[SWS_CRYPT_20512]{DRAFT} d
Kind: function
Symbol: IsSession()
Scope: class ara::crypto::cryp::CryptoObject
Syntax: virtual bool ara::crypto::cryp::CryptoObject::IsSession () const
noexcept=0;
Return value: bool true if the object is temporay (i.e. its life time is
limited by the current session only)
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
5

134 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Description: Return the "session" (or "temporary") attribute of the object. A temporary object cannot be
saved to a persistent storage location pointed to by an IOInterface! A temporary object will be
securely destroyed together with this interface instance! A non-session object must have an
assigned COUID (see GetObjectId()).

c(RS_CRYPTO_02003)
[SWS_CRYPT_20517]{DRAFT} d
Kind: function
Symbol: Save(IOInterface &container)
Scope: class ara::crypto::cryp::CryptoObject
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::CryptoObject::Save
(IOInterface &container) const noexcept=0;
Parameters (in): container IOInterface representing underlying storage
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kIncompatible if the object is "session", but the IOInterface
Object represents a KeySlot.
CryptoErrorDomain::kContent if the object doesn’t satisfy the slot restrictions (
Restrictions
CryptoErrorDomain::kInsufficient if the capacity of the target container is not enough,
Capacity i.e. if (container.Capacity() < this->StorageSize())
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
CryptoErrorDomain::kUnreserved if the IOInterface is not opened writeable.
Resource
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Save itself to provided IOInterface A CryptoObject with property "session" cannot be saved in a
KeySlot.

c(RS_CRYPTO_02004)
[SWS_CRYPT_30208]{DRAFT} d
Kind: function
Symbol: operator=(const CryptoObject &other)
Scope: class ara::crypto::cryp::CryptoObject
Syntax: CryptoObject& ara::crypto::cryp::CryptoObject::operator= (const Crypto
Object &other)=default;
Parameters (in): other the other instance
Return value: CryptoObject & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Copy-assign another CryptoObject to this instance.

c(RS_CRYPTO_02009)

135 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_30209]{DRAFT} d
Kind: function
Symbol: operator=(CryptoObject &&other)
Scope: class ara::crypto::cryp::CryptoObject
Syntax: CryptoObject& ara::crypto::cryp::CryptoObject::operator= (CryptoObject
&&other)=default;
Parameters (in): other the other instance
Return value: CryptoObject & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/cryobj/crypto_object.h"
Description: Move-assign another CryptoObject to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_10808]{DRAFT} d
Kind: function
Symbol: ~CryptoPrimitiveId()
Scope: class ara::crypto::cryp::CryptoPrimitiveId
Syntax: virtual ara::crypto::cryp::CryptoPrimitiveId::~CryptoPrimitiveId ()
noexcept=default;
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/cryobj/crypto_primitive_id.h"
Description: Destructor.

c(RS_CRYPTO_02005)
[SWS_CRYPT_20652]{DRAFT} d
Kind: function
Symbol: GetPrimitiveId()
Scope: class ara::crypto::cryp::CryptoPrimitiveId
Syntax: virtual AlgId ara::crypto::cryp::CryptoPrimitiveId::GetPrimitiveId ()
const noexcept=0;
Return value: AlgId the binary Crypto Primitive ID
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/cryobj/crypto_primitive_id.h"
Description: Get vendor specific ID of the primitive.

c(RS_CRYPTO_02309)
[SWS_CRYPT_20651]{DRAFT} d
Kind: function
Symbol: GetPrimitiveName()
Scope: class ara::crypto::cryp::CryptoPrimitiveId
Syntax: virtual const ara::core::StringView ara::crypto::cryp::CryptoPrimitive
Id::GetPrimitiveName () const noexcept=0;
Return value: const ara::core::StringView the unified name of the crypto primitive
5

136 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/cryobj/crypto_primitive_id.h"
Description: Get a unified name of the primitive. The crypto primitive name can be fully or partially specified
(see "Crypto Primitives Naming Convention" for more details). The life-time of the returned
StringView instance should not exceed the life-time of this CryptoPrimitiveId instance!

c(RS_CRYPTO_02308)
[SWS_CRYPT_30212]{DRAFT} d
Kind: function
Symbol: operator=(const CryptoPrimitiveId &other)
Scope: class ara::crypto::cryp::CryptoPrimitiveId
Syntax: CryptoPrimitiveId& ara::crypto::cryp::CryptoPrimitiveId::operator=
(const CryptoPrimitiveId &other)=default;
Parameters (in): other the other instance
Return value: CryptoPrimitiveId & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/cryobj/crypto_primitive_id.h"
Description: Copy-assign another CryptoPrimitiveId to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_30213]{DRAFT} d
Kind: function
Symbol: operator=(CryptoPrimitiveId &&other)
Scope: class ara::crypto::cryp::CryptoPrimitiveId
Syntax: CryptoPrimitiveId& ara::crypto::cryp::CryptoPrimitiveId::operator= (
CryptoPrimitiveId &&other)=default;
Parameters (in): other the other instance
Return value: CryptoPrimitiveId & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/cryobj/crypto_primitive_id.h"
Description: Move-assign another CryptoPrimitiveId to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_20726]{DRAFT} d
Kind: function
Symbol: AllocVolatileContainer(std::size_t capacity=0)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<VolatileTrustedContainer::Uptr>
ara::crypto::cryp::CryptoProvider::AllocVolatileContainer (std::size_t
capacity=0) noexcept=0;
Parameters (in): capacity the capacity required for this volatile trusted
container (in bytes)
Return value: ara::core::Result< VolatileTrusted unique smart pointer to an allocated volatile trusted
Container::Uptr > container
Exception Safety: noexcept
5

137 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Allocate a Volatile (virtual) Trusted Container according to directly specified capacity. The
Volatile Trusted Container can be used for execution of the import operations. Current process
obtains the "Owner" rights for allocated Container. If (capacity == 0) then the capacity of the
container will be selected automatically according to a maximal size of supported crypto
objects. A few volatile (temporary) containers can coexist at same time without any affecting
each-other.

c(RS_CRYPTO_02005, RS_CRYPTO_02006)
[SWS_CRYPT_20727]{DRAFT} d
Kind: function
Symbol: AllocVolatileContainer(std::pair< AlgId, CryptoObjectType > theObjectDef)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<VolatileTrustedContainer::Uptr>
ara::crypto::cryp::CryptoProvider::AllocVolatileContainer (std::pair<
AlgId, CryptoObjectType > theObjectDef) noexcept=0;
Parameters (in): theObjectDef the list of objects that can be stored to this volatile
trusted container
Return value: ara::core::Result< VolatileTrusted unique smart pointer to an allocated volatile trusted
Container::Uptr > container
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if unsupported combination of object type and
algorithm ID presents in the list
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Allocate a Volatile (virtual) Trusted Container according to indirect specification of a minimal
required capacity for hosting of any listed object. The Volatile Trusted Container can be used for
execution of the import operations. Current process obtains the "Owner" rights for allocated
Container. Real container capacity is calculated as a maximal storage size of all listed objects.

c(RS_CRYPTO_02005, RS_CRYPTO_02006)
[SWS_CRYPT_20711]{DRAFT} d
Kind: function
Symbol: ConvertToAlgId(ara::core::StringView primitiveName)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual AlgId ara::crypto::cryp::CryptoProvider::ConvertToAlgId (
ara::core::StringView primitiveName) const noexcept=0;
Parameters (in): primitiveName the unified name of the crypto primitive (see "Crypto
Primitives Naming Convention" for more details)
Return value: AlgId vendor specific binary algorithm ID or kAlgId
Undefined if a primitive with provided name is not
supported
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Convert a common name of crypto algorithm to a correspondent vendor specific binary
algorithm ID.

c(RS_CRYPTO_02308)

138 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20712]{DRAFT} d
Kind: function
Symbol: ConvertToAlgName(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<ara::core::String> ara::crypto::cryp::Crypto
Provider::ConvertToAlgName (AlgId algId) const noexcept=0;
Parameters (in): algId the vendor specific binary algorithm ID
Return value: ara::core::Result< ara::core::String > the common name of the crypto algorithm (see
"Crypto Primitives Naming Convention" for more
details)
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Convert a vendor specific binary algorithm ID to a correspondent common name of the crypto
algorithm.

c(RS_CRYPTO_02308)
[SWS_CRYPT_20745]{DRAFT} d
Kind: function
Symbol: CreateAuthCipherCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<AuthCipherCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateAuthCipherCtx (AlgId algId)
noexcept=0;
Parameters (in): algId identifier of the target crypto algorithm
Return value: ara::core::Result< AuthCipherCtx::Uptr unique smart pointer to the created context
>
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from symmetric authenticated stream
cipher
CryptoErrorDomain::kInvalidArgument –
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a symmetric authenticated cipher context.

c(RS_CRYPTO_02207, RS_AP_00144)
[SWS_CRYPT_20751]{DRAFT} d
Kind: function
Symbol: CreateDecryptorPrivateCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
5

139 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Syntax: virtual ara::core::Result<DecryptorPrivateCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateDecryptorPrivateCtx (AlgId
algId) noexcept=0;
Parameters (in): algId identifier of the target asymmetric encryption/
decryption algorithm
Return value: ara::core::Result< DecryptorPrivate unique smart pointer to the created context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from asymmetric encryption/decryption
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a decryption private key context.

c(RS_CRYPTO_02202, RS_AP_00144)
[SWS_CRYPT_20750]{DRAFT} d
Kind: function
Symbol: CreateEncryptorPublicCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<EncryptorPublicCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateEncryptorPublicCtx (AlgId alg
Id) noexcept=0;
Parameters (in): algId identifier of the target asymmetric encryption/
decryption algorithm
Return value: ara::core::Result< EncryptorPublic unique smart pointer to the created context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from asymmetric encryption/decryption
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create an encryption public key context.

c(RS_CRYPTO_02202, RS_AP_00144)
[SWS_CRYPT_20761]{DRAFT} d
Kind: function
Symbol: CreateHashDigest(AlgId hashAlgId, ReadOnlyMemRegion value)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<Signature::Uptrc> ara::crypto::cryp::Crypto
Provider::CreateHashDigest (AlgId hashAlgId, ReadOnlyMemRegion value)
noexcept=0;
Parameters (in): hashAlgId identifier of an applied hash function crypto
algorithm
5

140 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
value raw BLOB value of the hash digest
Return value: ara::core::Result< Signature::Uptrc > unique smart pointer to the created Signature object
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if hashAlgId argument has unsupported value
Identifier
CryptoErrorDomain::kInvalidArgument if hashAlgId argument specifies crypto algorithm
different from a hash function
CryptoErrorDomain::kInvalidInputSize if the value argument has invalid size (i.e.
incompatible with the hashAlgId argument)
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Construct Signature object from directly provided components of a hash digest.

c(RS_CRYPTO_02005, RS_CRYPTO_02006, RS_AP_00144)

[SWS_CRYPT_20747]{DRAFT} d
Kind: function
Symbol: CreateHashFunctionCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<HashFunctionCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateHashFunctionCtx (AlgId algId)
noexcept=0;
Parameters (in): algId identifier of the target crypto algorithm
Return value: ara::core::Result< HashFunction unique smart pointer to the created context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from hash function
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a hash function context.

c(RS_CRYPTO_02205, RS_AP_00144)
[SWS_CRYPT_20758]{DRAFT} d
Kind: function
Symbol: CreateKeyAgreementPrivateCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<KeyAgreementPrivateCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateKeyAgreementPrivateCtx (AlgId
algId) noexcept=0;
Parameters (in): algId identifier of the target key-agreement crypto
algorithm
Return value: ara::core::Result< KeyAgreement unique smart pointer to the created context
PrivateCtx::Uptr >
Exception Safety: noexcept
5

141 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from key-agreement
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a key-agreement private key context.

c(RS_CRYPTO_02104, RS_AP_00144)
[SWS_CRYPT_20753]{DRAFT} d
Kind: function
Symbol: CreateKeyDecapsulatorPrivateCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<KeyDecapsulatorPrivateCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateKeyDecapsulatorPrivateCtx (
AlgId algId) noexcept=0;
Parameters (in): algId identifier of the target KEM crypto algorithm
Return value: ara::core::Result< KeyDecapsulator unique smart pointer to the created context
PrivateCtx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from asymmetric KEM
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a key-decapsulator private key context of a Key Encapsulation Mechanism (KEM).

c(RS_CRYPTO_02104, RS_CRYPTO_02209, RS_AP_00144)

[SWS_CRYPT_20748]{DRAFT} d
Kind: function
Symbol: CreateKeyDerivationFunctionCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<KeyDerivationFunctionCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateKeyDerivationFunctionCtx (Alg
Id algId) noexcept=0;
Parameters (in): algId identifier of the target crypto algorithm
Return value: ara::core::Result< KeyDerivation unique smart pointer to the created context
FunctionCtx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from key derivation function
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a key derivation function context.

c(RS_CRYPTO_02103, RS_AP_00144)

142 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20752]{DRAFT} d
Kind: function
Symbol: CreateKeyEncapsulatorPublicCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<KeyEncapsulatorPublicCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateKeyEncapsulatorPublicCtx (Alg
Id algId) noexcept=0;
Parameters (in): algId identifier of the target KEM crypto algorithm
Return value: ara::core::Result< KeyEncapsulator unique smart pointer to the created context
PublicCtx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from asymmetric KEM
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a key-encapsulator public key context of a Key Encapsulation Mechanism (KEM).

c(RS_CRYPTO_02104, RS_CRYPTO_02209, RS_AP_00144)

[SWS_CRYPT_20746]{DRAFT} d
Kind: function
Symbol: CreateMessageAuthnCodeCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<MessageAuthnCodeCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateMessageAuthnCodeCtx (AlgId
algId) noexcept=0;
Parameters (in): algId identifier of the target crypto algorithm
Return value: ara::core::Result< MessageAuthnCode unique smart pointer to the created context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from symmetric message authentication
code
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a symmetric message authentication code context.

c(RS_CRYPTO_02203, RS_AP_00144)
[SWS_CRYPT_20755]{DRAFT} d
Kind: function
Symbol: CreateMsgRecoveryPublicCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
5

143 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Syntax: virtual ara::core::Result<MsgRecoveryPublicCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateMsgRecoveryPublicCtx (AlgId
algId) noexcept=0;
Parameters (in): algId identifier of the target asymmetric crypto algorithm
Return value: ara::core::Result< MsgRecoveryPublic unique smart pointer to the created context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from asymmetric signature encoding with
message recovery
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a message recovery public key context.

c(RS_CRYPTO_02202, RS_CRYPTO_02204, RS_AP_00144)

[SWS_CRYPT_20741]{DRAFT} d
Kind: function
Symbol: CreateRandomGeneratorCtx(AlgId algId=kAlgIdDefault, bool initialize=true)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<RandomGeneratorCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateRandomGeneratorCtx (AlgId alg
Id=kAlgIdDefault, bool initialize=true) noexcept=0;
Parameters (in): algId identifier of target RNG algorithm. If no algId is
given, the default RNG is returned
initialize indicates whether the returned context shall be
initialized (i.e., seeded) by the stack
Return value: ara::core::Result< RandomGenerator unique smart pointer to the created RNG context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if algId argument has an unsupported value or if (alg
Identifier Id == kAlgIdDefault) and the CryptoProvider does
not provide any RandomGeneratorCtx
CryptoErrorDomain::kBusyResource if (initialize == true) but the context currently cannot
be seeded (e.g., due to a lack of entropy)
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a Random Number Generator (RNG) context.

c(RS_CRYPTO_02206)
[SWS_CRYPT_20754]{DRAFT} d
Kind: function
Symbol: CreateSigEncodePrivateCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
5

144 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Syntax: virtual ara::core::Result<SigEncodePrivateCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateSigEncodePrivateCtx (AlgId
algId) noexcept=0;
Parameters (in): algId identifier of the target asymmetric crypto algorithm
Return value: ara::core::Result< SigEncodePrivate unique smart pointer to the created context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from asymmetric signature encoding with
message recovery
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a signature encoding private key context.

c(RS_CRYPTO_02202, RS_CRYPTO_02204, RS_AP_00144)

[SWS_CRYPT_20760]{DRAFT} d
Kind: function
Symbol: CreateSignature(AlgId signAlgId, ReadOnlyMemRegion value, const RestrictedUseObject
&key, AlgId hashAlgId=kAlgIdNone)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<Signature::Uptrc> ara::crypto::cryp::Crypto
Provider::CreateSignature (AlgId signAlgId, ReadOnlyMemRegion value,
const RestrictedUseObject &key, AlgId hashAlgId=kAlgIdNone)
noexcept=0;
Parameters (in): signAlgId identifier of an applied signature/MAC/AE/AEAD
crypto algorithm
value raw BLOB value of the signature/MAC
key symmetric or asymmetric key (according to signAlg
Id) applied for the sign or MAC/AE/AEAD operation
hashAlgId identifier of a hash function algorithm applied
together with the signature algorithm
Return value: ara::core::Result< Signature::Uptrc > unique smart pointer to the created Signature object
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if signAlgId or hashAlgId arguments have
Identifier unsupported values
CryptoErrorDomain::kInvalidArgument if signAlgId or hashAlgId arguments specify crypto
algorithms different from the signature/MAC/AE/
AEAD and message digest respectively
CryptoErrorDomain::kIncompatible if signAlgId and hashAlgId arguments specify
Arguments incompatible algorithms (if signAlgId includes hash
function specification) or if a crypto primitive
associated with the key argument is incompatible
with provided signAlgId or hashAlgId arguments
CryptoErrorDomain::kInvalidInputSize if the value argument has invalid size (i.e.
incompatible with the signAlgId argument)
Header file: #include "ara/crypto/cryp/crypto_provider.h"
5

145 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Description: Construct Signature object from directly provided components of a digital signature/MAC or
authenticated encryption (AE/AEAD). All integers inside a digital signature BLOB value are
always presented in Big Endian bytes order (i.e. MSF - Most Significant byte First).

c(RS_CRYPTO_02005, RS_CRYPTO_02006, RS_AP_00144)

[SWS_CRYPT_20756]{DRAFT} d
Kind: function
Symbol: CreateSignerPrivateCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<SignerPrivateCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateSignerPrivateCtx (AlgId alg
Id) noexcept=0;
Parameters (in): algId identifier of the target signature crypto algorithm
Return value: ara::core::Result< SignerPrivate unique smart pointer to the created context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from private key signature
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a signature private key context.

c(RS_CRYPTO_02204, RS_AP_00144)
[SWS_CRYPT_20744]{DRAFT} d
Kind: function
Symbol: CreateStreamCipherCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<StreamCipherCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateStreamCipherCtx (AlgId algId)
noexcept=0;
Parameters (in): algId identifier of the target crypto algorithm
Return value: ara::core::Result< StreamCipher unique smart pointer to the created context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from symmetric stream cipher
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a symmetric stream cipher context.

c(RS_CRYPTO_02201)

146 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20742]{DRAFT} d
Kind: function
Symbol: CreateSymmetricBlockCipherCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<SymmetricBlockCipherCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateSymmetricBlockCipherCtx (Alg
Id algId) noexcept=0;
Parameters (in): algId identifier of the target crypto algorithm
Return value: ara::core::Result< SymmetricBlock unique smart pointer to the created context
CipherCtx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a symmetric block cipher context.

c(RS_CRYPTO_02201)
[SWS_CRYPT_20743]{DRAFT} d
Kind: function
Symbol: CreateSymmetricKeyWrapperCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<SymmetricKeyWrapperCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateSymmetricKeyWrapperCtx (AlgId
algId) noexcept=0;
Parameters (in): algId identifier of the target crypto algorithm
Return value: ara::core::Result< SymmetricKey unique smart pointer to the created context
WrapperCtx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from symmetric key-wrapping
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a symmetric key-wrap algorithm context.

c(RS_CRYPTO_02104, RS_CRYPTO_02208)
[SWS_CRYPT_20757]{DRAFT} d
Kind: function
Symbol: CreateVerifierPublicCtx(AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<VerifierPublicCtx::Uptr>
ara::crypto::cryp::CryptoProvider::CreateVerifierPublicCtx (AlgId alg
Id) noexcept=0;
Parameters (in): algId identifier of the target signature crypto algorithm
5

147 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Return value: ara::core::Result< VerifierPublic unique smart pointer to the created context
Ctx::Uptr >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidArgument if algId argument specifies a crypto algorithm
different from public key signature verification
CryptoErrorDomain::kUnknown if algId argument has an unsupported value
Identifier
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Create a signature verification public key context.

c(RS_CRYPTO_02204, RS_AP_00144)
[SWS_CRYPT_20710]{DRAFT} d
Kind: function
Symbol: ~CryptoProvider()
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::crypto::cryp::CryptoProvider::~CryptoProvider ()
noexcept=default;
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Destructor.

c(RS_CRYPTO_02107)
[SWS_CRYPT_20731]{DRAFT} d
Kind: function
Symbol: ExportPublicObject(const IOInterface &container, Serializable::FormatId format
Id=Serializable::kFormatDefault)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::cryp::CryptoProvider::ExportPublicObject (const
IOInterface &container, Serializable::FormatId format
Id=Serializable::kFormatDefault) noexcept=0;
Parameters (in): container the IOInterface that contains an object for export
formatId the CryptoProvider specific identifier of the output
format
Return value: ara::core::Result< ara::core::Vector< actual capacity required for the serialized data
ara::core::Byte > >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kEmptyContainer if the container is empty
CryptoErrorDomain::kUnexpected if the container contains a secret crypto object
Value
CryptoErrorDomain::kInsufficient if (serialized.empty() == false), but its capacity is not
Capacity enough for storing result
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
5

148 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Export publicly an object from a IOInterface (i.e. without an intermediate creation of a crypto
object).

c(RS_CRYPTO_02105, RS_CRYPTO_02112)
[SWS_CRYPT_20728]{DRAFT} d
Kind: function
Symbol: ExportSecuredObject(const CryptoObject &object, SymmetricKeyWrapperCtx &transport
Context)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::cryp::CryptoProvider::ExportSecuredObject (const Crypto
Object &object, SymmetricKeyWrapperCtx &transportContext) noexcept=0;
Parameters (in): object the crypto object for export
transportContext the symmetric key wrap context initialized by a
transport key (allowed usage: kAllowKeyExporting)
Return value: ara::core::Result< ara::core::Vector< the wrapped crypto object data
ara::core::Byte > >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kIncompatible if the object cannot be exported due to Is
Object Exportable() returning flase
CryptoErrorDomain::kIncompleteArg if the transportContext is not initialized
State
CryptoErrorDomain::kIncompatible if a key loaded to the transportContext doesn’t have
Object required attributes (note: it is an optional error
condition for this method)
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Export a crypto object in a secure manner. if (serialized.empty() == true) then the method
returns required size only, but content of the transportContext stays unchanged! Only an
exportable and completed object (i.e. that have a UUID) can be exported!

c(RS_CRYPTO_02105, RS_CRYPTO_02112)
[SWS_CRYPT_20729]{DRAFT} d
Kind: function
Symbol: ExportSecuredObject(const IOInterface &container, SymmetricKeyWrapperCtx &transport
Context)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::cryp::CryptoProvider::ExportSecuredObject (const
IOInterface &container, SymmetricKeyWrapperCtx &transportContext)
noexcept=0;
Parameters (in): container the IOInterface that refers an object for export
transportContext the symmetric key wrap context initialized by a
transport key (allowed usage: kAllowKeyExporting)
Return value: ara::core::Result< ara::core::Vector< actual capacity required for the serialized data
ara::core::Byte > >
Exception Safety: noexcept
5

149 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kEmptyContainer if the container is empty
CryptoErrorDomain::kInsufficient if size of the serialized buffer is not enough for
Capacity saving the output data
CryptoErrorDomain::kIncompleteArg if the transportContext is not initialized
State
CryptoErrorDomain::kIncompatible if a key loaded to the transportContext doesn’t have
Object required attributes (note: it is an optional error
condition for this method)
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Export securely an object directly from an IOInterface (i.e. without an intermediate creation of a
crypto object). if (serialized == nullptr) then the method returns required size only, but content of
the transportContext stays unchanged. This method can be used for re-exporting of just
imported object but on another transport key.

c(RS_CRYPTO_02105, RS_CRYPTO_02112)
[SWS_CRYPT_20722]{DRAFT} d
Kind: function
Symbol: GeneratePrivateKey(AlgId algId, AllowedUsageFlags allowedUsage, bool isSession=false, bool
isExportable=false)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<PrivateKey::Uptrc> ara::crypto::cryp::Crypto
Provider::GeneratePrivateKey (AlgId algId, AllowedUsageFlags allowed
Usage, bool isSession=false, bool isExportable=false) noexcept=0;
Parameters (in): algId the identifier of target public-private key crypto
algorithm
allowedUsage the flags that define a list of allowed transformations’
types in which the target key can be used (see
constants in scope of RestrictedUseObject)
isSession the "session" (or "temporary") attribute for the target
key (if true)
isExportable the exportability attribute of the target key (if true)
Return value: ara::core::Result< PrivateKey::Uptrc > smart unique pointer to the created private key
object
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if algId has an unsupported value
Identifier
CryptoErrorDomain::kIncompatible if allowedUsage argument is incompatible with
Arguments target algorithm algId (note: it is an optional error
condition for this method)
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Allocate a new private key context of correspondent type and generates the key value
randomly. A common COUID should be shared for both private and public keys. Any
serializable (i.e. savable/non-session or exportable) key must generate own COUID!

c(RS_CRYPTO_02003, RS_CRYPTO_02101, RS_CRYPTO_02102, RS_CRYPTO_-

02107, RS_CRYPTO_02108, RS_CRYPTO_02111, RS_CRYPTO_02115)

150 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20723]{DRAFT} d
Kind: function
Symbol: GenerateSeed(AlgId algId, SecretSeed::Usage allowedUsage, bool isSession=true, bool is
Exportable=false)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<SecretSeed::Uptrc> ara::crypto::cryp::Crypto
Provider::GenerateSeed (AlgId algId, SecretSeed::Usage allowedUsage,
bool isSession=true, bool isExportable=false) noexcept=0;
Parameters (in): algId the identifier of target crypto algorithm
allowedUsage the lags that define a list of allowed transformations’
types in which the target seed can be used (see
constants in scope of RestrictedUseObject)
isSession the "session" (or "temporary") attribute of the target
seed (if true)
isExportable the exportability attribute of the target seed (if true)
Return value: ara::core::Result< SecretSeed::Uptrc > unique smart pointer to generated SecretSeed
object
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if algId has an unsupported value
Identifier
CryptoErrorDomain::kIncompatible if allowedUsage argument is incompatible with
Arguments target algorithm algId (note: it is an optional error
condition for this method)
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Generate a random Secret Seed object of requested algorithm.

c(RS_CRYPTO_02007)
[SWS_CRYPT_20721]{DRAFT} d
Kind: function
Symbol: GenerateSymmetricKey(AlgId algId, AllowedUsageFlags allowedUsage, bool isSession=true,
bool isExportable=false)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<SymmetricKey::Uptrc>
ara::crypto::cryp::CryptoProvider::GenerateSymmetricKey (AlgId algId,
AllowedUsageFlags allowedUsage, bool isSession=true, bool is
Exportable=false) noexcept=0;
Parameters (in): algId the identifier of target symmetric crypto algorithm
allowedUsage the flags that define a list of allowed transformations’
types in which the target key can be used (see
constants in scope of RestrictedUseObject)
isSession the "session" (or "temporary") attribute of the target
key (if true)
isExportable the exportability attribute of the target key (if true)
Return value: ara::core::Result< Symmetric smart unique pointer to the created symmetric key
Key::Uptrc > object
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if algId has an unsupported value
Identifier
5

151 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
CryptoErrorDomain::kIncompatible if allowedUsage argument is incompatible with
Arguments target algorithm algId (note: it is an optional error
condition for this method)
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Allocate a new symmetric key object and fill it by a new randomly generated value. Any
serializable (i.e. savable/non-session or exportable) key must generate own COUID! By default
Crypto Provider should use an internal instance of a best from all supported RNG (ideally
TRNG).

c(RS_CRYPTO_02003, RS_CRYPTO_02101, RS_CRYPTO_02102, RS_CRYPTO_-

02107, RS_CRYPTO_02108, RS_CRYPTO_02111, RS_CRYPTO_02115)
[SWS_CRYPT_20725]{DRAFT} d
Kind: function
Symbol: GetPayloadStorageSize(CryptoObjectType cryptoObjectType, AlgId algId)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<std::size_t> ara::crypto::cryp::Crypto
Provider::GetPayloadStorageSize (CryptoObjectType cryptoObjectType,
AlgId algId) const noexcept=0;
Parameters (in): cryptoObjectType the type of the target object
algId a CryptoProvider algorithm ID of the target object
Return value: ara::core::Result< std::size_t > minimal size required for storing of the object in a
TrustedContainer (persistent or volatile)
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if any argument has an unsupported value
Identifier
CryptoErrorDomain::kIncompatible if the arguments are incompatible
Arguments
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Return minimally required capacity of a key slot for saving of the object’s payload. Returned
value does not take into account the object’s meta-information properties, but their size is fixed
and common for all crypto objects independently from their actual type. During an allocation of
a TrustedContainer, Crypto Providers (and Key Storage Providers) reserve space for an object’s
meta-information automatically, according to their implementation details.

c(RS_CRYPTO_02005, RS_CRYPTO_02006)
[SWS_CRYPT_20724]{DRAFT} d
Kind: function
Symbol: GetSerializedSize(CryptoObjectType cryptoObjectType, AlgId algId, Serializable::FormatId
formatId=Serializable::kFormatDefault)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<std::size_t> ara::crypto::cryp::Crypto
Provider::GetSerializedSize (CryptoObjectType cryptoObjectType, AlgId
algId, Serializable::FormatId formatId=Serializable::kFormatDefault)
const noexcept=0;
Parameters (in): cryptoObjectType the type of the target object
algId the Crypto Provider algorithm ID of the target object
5

152 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
formatId the Crypto Provider specific identifier of the output
format
Return value: ara::core::Result< std::size_t > size required for storing of the object serialized in
the specified format
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnknown if any argument has an unsupported value
Identifier
CryptoErrorDomain::kIncompatible if any pair of the arguments are incompatible
Arguments
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Return required buffer size for serialization of an object in specific format.

c(RS_CRYPTO_02005, RS_CRYPTO_02006)
[SWS_CRYPT_20732]{DRAFT} d
Kind: function
Symbol: ImportPublicObject(IOInterface &container, ReadOnlyMemRegion serialized, CryptoObject
Type expectedObject=CryptoObjectType::kUndefined)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::Crypto
Provider::ImportPublicObject (IOInterface &container, ReadOnlyMem
Region serialized, CryptoObjectType expectedObject=CryptoObjectType::k
Undefined) noexcept=0;
Parameters (in): serialized the memory region that contains a securely
serialized object that should be imported to the
IOInterface
expectedObject the expected object type (default value CryptoObject
Type::kUnknown means without check)
Parameters (out): container the IOInterface for storing of the imported object
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnexpected if the serialized contains incorrect data
Value
CryptoErrorDomain::kBadObjectType if (expectedObject != CryptoObjectType::k
Unknown), but the actual object type differs from the
expected one
CryptoErrorDomain::kInsufficient if capacity of the container is not enough to save the
Capacity de-serialized object
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
CryptoErrorDomain::kUnreserved if the IOInterface is not opened writable.
Resource
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Import publicly serialized object to a storage location pointed to by an IOInterface for following
processing (without allocation of a crypto object). If (expectedObject != CryptoObjectType::k
Unknown) and an actual object type differs from the expected one then this method fails. If the
serialized contains incorrect data then this method fails.

c(RS_CRYPTO_02105, RS_CRYPTO_02112)

153 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20730]{DRAFT} d
Kind: function
Symbol: ImportSecuredObject(IOInterface &container, ReadOnlyMemRegion serialized, SymmetricKey
WrapperCtx &transportContext, bool isExportable=false, CryptoObjectType expected
Object=CryptoObjectType::kUndefined)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::Crypto
Provider::ImportSecuredObject (IOInterface &container, ReadOnlyMem
Region serialized, SymmetricKeyWrapperCtx &transportContext, bool is
Exportable=false, CryptoObjectType expectedObject=CryptoObjectType::k
Undefined) noexcept=0;
Parameters (in): serialized the memory region that contains a securely
serialized object that should be imported to the
IOInterface
transportContext the symmetric key wrap context initialized by a
transport key (allowed usage: kAllowKeyImporting)
isExportable the exportability attribute of the target object
expectedObject the expected object type (default value CryptoObject
Type::kUnknown means without check)
Parameters (out): container the IOInterface for storing of the imported object
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe

Errors: CryptoErrorDomain::kUnexpected if the serialized contains incorrect data

Value
CryptoErrorDomain::kBadObjectType if (expectedObject != CryptoObjectType::k
Unknown), but the actual object type differs from the
expected one
CryptoErrorDomain::kIncompleteArg if the transportContext is not initialized
State
CryptoErrorDomain::kIncompatible if a key loaded to the transportContext doesn’t have
Object required attributes (note: it is an optional error
condition for this method)
CryptoErrorDomain::kInsufficient if capacity of the container is not enough to save the
Capacity deserialized object
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
CryptoErrorDomain::kUnreserved if the IOInterface is not opened writeable.
Resource
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Import securely serialized object to the persistent or volatile storage represented by an
IOInterface for following processing.

c(RS_CRYPTO_02105, RS_CRYPTO_02112)
[SWS_CRYPT_20733]{DRAFT} d
Kind: function
Symbol: LoadObject(const IOInterface &container)
Scope: class ara::crypto::cryp::CryptoProvider
5

154 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Syntax: virtual ara::core::Result<CryptoObject::Uptrc>
ara::crypto::cryp::CryptoProvider::LoadObject (const IOInterface
&container) noexcept=0;
Parameters (in): container the IOInterface that contains the crypto object for
loading
Return value: ara::core::Result< CryptoObject::Uptrc unique smart pointer to the created object
>
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kEmptyContainer if the container is empty
CryptoErrorDomain::kResourceFault if the container content is damaged
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
CryptoErrorDomain::kIncompatible if the underlying resource belongs to another,
Object incompatible CryptoProvider
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Load any crypto object from the IOInterface provided.
Notes: This method is one of the "binding" methods between a CryptoProvider and the Key Storage
Provider.

c(RS_CRYPTO_02001, RS_CRYPTO_02002, RS_CRYPTO_02005, RS_CRYPTO_-

02006)
[SWS_CRYPT_20764]{DRAFT} d
Kind: function
Symbol: LoadPrivateKey(const IOInterface &container)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<PrivateKey::Uptrc> ara::crypto::cryp::Crypto
Provider::LoadPrivateKey (const IOInterface &container) noexcept=0;
Parameters (in): container the IOInterface that contains the crypto object for
loading
Return value: ara::core::Result< PrivateKey::Uptrc > unique smart pointer to the PrivateKey
Exception Safety: noexcept
Errors: CryptoErrorDomain::kEmptyContainer if the container is empty
CryptoErrorDomain::kResourceFault if the container content is damaged
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
CryptoErrorDomain::kIncompatible if the underlying resource belongs to another,
Object incompatible CryptoProvider
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Load a private key from the IOInterface provided.

c(RS_CRYPTO_02001, RS_CRYPTO_02002)

155 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20763]{DRAFT} d
Kind: function
Symbol: LoadPublicKey(const IOInterface &container)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<PublicKey::Uptrc> ara::crypto::cryp::Crypto
Provider::LoadPublicKey (const IOInterface &container) noexcept=0;
Parameters (in): container the IOInterface that contains the crypto object for
loading
Return value: ara::core::Result< PublicKey::Uptrc > unique smart pointer to the PublicKey
Exception Safety: noexcept
Errors: CryptoErrorDomain::kEmptyContainer if the container is empty
CryptoErrorDomain::kResourceFault if the container content is damaged
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
CryptoErrorDomain::kIncompatible if the underlying resource belongs to another,
Object incompatible CryptoProvider
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Load a public key from the IOInterface provided.

c(RS_CRYPTO_02001, RS_CRYPTO_02002)
[SWS_CRYPT_20765]{DRAFT} d
Kind: function
Symbol: LoadSecretSeed(const IOInterface &container)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: virtual ara::core::Result<SecretSeed::Uptrc> ara::crypto::cryp::Crypto
Provider::LoadSecretSeed (const IOInterface &container) noexcept=0;
Parameters (in): container the IOInterface that contains the crypto object for
loading
Return value: ara::core::Result< SecretSeed::Uptrc > unique smart pointer to the SecretSeed
Exception Safety: noexcept
Errors: CryptoErrorDomain::kEmptyContainer if the container is empty
CryptoErrorDomain::kResourceFault if the container content is damaged
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
CryptoErrorDomain::kIncompatible if the underlying resource belongs to another,
Object incompatible CryptoProvider
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Load secret seed from the IOInterface provided.

c(RS_CRYPTO_02001, RS_CRYPTO_02002)
[SWS_CRYPT_20762]{DRAFT} d
Kind: function
Symbol: LoadSymmetricKey(const IOInterface &container)
Scope: class ara::crypto::cryp::CryptoProvider
5

156 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Syntax: virtual ara::core::Result<SymmetricKey::Uptrc>
ara::crypto::cryp::CryptoProvider::LoadSymmetricKey (const IOInterface
&container) noexcept=0;
Parameters (in): container the IOInterface that contains the crypto object for
loading
Return value: ara::core::Result< Symmetric unique smart pointer to the SymmetricKey
Key::Uptrc >
Exception Safety: noexcept
Errors: CryptoErrorDomain::kEmptyContainer if the container is empty
CryptoErrorDomain::kResourceFault if the container content is damaged
CryptoErrorDomain::kModified if the underlying resource has been modified after
Resource the IOInterface has been opened, i.e., the
IOInterface has been invalidated.
CryptoErrorDomain::kIncompatible if the underlying resource belongs to another,
Object incompatible CryptoProvider
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Load a symmetric key from the IOInterface provided.

c(RS_CRYPTO_02001, RS_CRYPTO_02002)
[SWS_CRYPT_29023]{DRAFT} d
Kind: function
Symbol: GetBlockSize()
Scope: class ara::crypto::cryp::CryptoService
Syntax: virtual std::size_t ara::crypto::cryp::CryptoService::GetBlockSize ()
const noexcept=0;
Return value: std::size_t size of the block in bytes
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/crypto_service.h"
Description: Get block (or internal buffer) size of the base algorithm. For digest, byte-wise stream cipher and
RNG contexts it is an informative method, intended only for optimization of the interface usage.

c(RS_CRYPTO_02309)
[SWS_CRYPT_29021]{DRAFT} d
Kind: function
Symbol: GetMaxInputSize(bool suppressPadding=false)
Scope: class ara::crypto::cryp::CryptoService
Syntax: virtual std::size_t ara::crypto::cryp::CryptoService::GetMaxInputSize
(bool suppressPadding=false) const noexcept=0;
Parameters (in): suppressPadding if true then the method calculates the size for the
case when the whole space of the plain data block is
used for the payload only
Return value: std::size_t maximum size of the input data block in bytes
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/crypto_service.h"
Description: Get maximum expected size of the input data block. suppressPadding argument and it will be
equal to the block size.

157 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

c(RS_CRYPTO_02309)
[SWS_CRYPT_29022]{DRAFT} d
Kind: function
Symbol: GetMaxOutputSize(bool suppressPadding=false)
Scope: class ara::crypto::cryp::CryptoService
Syntax: virtual std::size_t ara::crypto::cryp::CryptoService::GetMaxOutputSize
(bool suppressPadding=false) const noexcept=0;
Parameters (in): suppressPadding if true then the method calculates the size for the
case when the whole space of the plain data block is
used for the payload only
Return value: std::size_t maximum size of the output data block in bytes
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/crypto_service.h"
Description: Get maximum possible size of the output data block. If (IsEncryption() == true) then a value
returned by this method is independent from the suppressPadding argument and will be equal
to the block size.

c(RS_CRYPTO_02309)
[SWS_CRYPT_30216]{DRAFT} d
Kind: function
Symbol: operator=(const CryptoProvider &other)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: CryptoProvider& ara::crypto::cryp::CryptoProvider::operator= (const
CryptoProvider &other)=default;
Parameters (in): other the other instance
Return value: CryptoProvider & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Copy-assign another CryptoProvider to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_30217]{DRAFT} d
Kind: function
Symbol: operator=(CryptoProvider &&other)
Scope: class ara::crypto::cryp::CryptoProvider
Syntax: CryptoProvider& ara::crypto::cryp::CryptoProvider::operator= (Crypto
Provider &&other)=default;
Parameters (in): other the other instance
Return value: CryptoProvider & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/crypto_provider.h"
Description: Move-assign another CryptoProvider to this instance.

c(RS_CRYPTO_02004)

158 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20802]{DRAFT} d
Kind: function
Symbol: GetCryptoService()
Scope: class ara::crypto::cryp::DecryptorPrivateCtx
Syntax: virtual CryptoService::Uptr ara::crypto::cryp::DecryptorPrivate
Ctx::GetCryptoService () const noexcept=0;
Return value: CryptoService::Uptr –
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/decryptor_private_ctx.h"
Description: Get CryptoService instance.

c(RS_CRYPTO_02006)
[SWS_CRYPT_20812]{DRAFT} d
Kind: function
Symbol: ProcessBlock(ReadOnlyMemRegion in, bool suppressPadding=false)
Scope: class ara::crypto::cryp::DecryptorPrivateCtx
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::cryp::DecryptorPrivateCtx::ProcessBlock (ReadOnlyMem
Region in, bool suppressPadding=false) const noexcept=0;
Parameters (in): in the input data block
suppressPadding if true then the method doesn’t apply the padding,
but the payload should fill the whole block of the
plain data
Return value: ara::core::Result< ara::core::Vector< actual size of output data (it always <= out.size()) or
ara::core::Byte > > 0 if the input data block has incorrect content
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kIncorrectInput if the mentioned above rules about the input size is
Size violated
CryptoErrorDomain::kInsufficient if the out.size() is not enough to store the
Capacity transformation result
CryptoErrorDomain::kUninitialized if the context was not initialized by a key value
Context
Header file: #include "ara/crypto/cryp/decryptor_private_ctx.h"
Description: Process (encrypt / decrypt) an input block according to the cryptor configuration. Encryption
with (suppressPadding == true) expects that: in.size() == GetMaxInputSize(true) && out.size()
>= GetMaxOutputSize(true). Encryption with (suppressPadding == false) expects that: in.size()
<= GetMaxInputSize(false) && in.size() > 0 && out.size() >= GetMaxOutputSize(false).
Decryption expects that: in.size() == GetMaxInputSize() && out.size() >= GetMaxOutput
Size(suppressPadding). The case (out.size() < GetMaxOutputSize()) should be used with
caution, only if you are strictly certain about the size of the output data! In case of (suppress
Padding == true) the actual size of plain text should be equal to full size of the plain data block
(defined by the algorithm)!

c(RS_CRYPTO_02202)

159 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20813]{DRAFT} d
Kind: function
Symbol: ProcessBlock(ReadOnlyMemRegion in, bool suppressPadding=false)
Scope: class ara::crypto::cryp::DecryptorPrivateCtx
Syntax: template <typename Alloc = <implementation-defined>>
ara::core::Result<ByteVector<Alloc> > ara::crypto::cryp::Decryptor
PrivateCtx::ProcessBlock (ReadOnlyMemRegion in, bool suppress
Padding=false) const noexcept;
Template param: Alloc a custom allocator type of the output container
Parameters (in): in the input data block
suppressPadding if true then the method doesn’t apply the padding,
but the payload should fill the whole block of the
plain data
Return value: ara::core::Result< ByteVector< Alloc > the managed container for output block
>
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kIncorrectInput if the mentioned above rules about the input size is
Size violated
CryptoErrorDomain::kInsufficient if the out.size() is not enough to store the
Capacity transformation result
CryptoErrorDomain::kUninitialized if the context was not initialized by a key value
Context
Header file: #include "ara/crypto/cryp/decryptor_private_ctx.h"
Description: Process (encrypt / decrypt) an input block according to the cryptor configuration. This method
sets the size of the output container according to actually saved value! Encryption with
(suppressPadding == true) expects what: in.size() == GetMaxInputSize(true) && out.capacity()
>= GetMaxOutputSize(true). Encryption with (suppressPadding == false) expects what:
in.size() <= GetMaxInputSize(false) && in.size() > 0 && out.capacity() >= GetMaxOutput
Size(false). Decryption expects what: in.size() == GetMaxInputSize() && out.capacity() >= Get
MaxOutputSize(suppressPadding). The case (out.capacity() < GetMaxOutputSize()) should be
used with caution, only if you are strictly certain about the size of the output data! In case of
(suppressPadding == true) the actual size of plain text should be equal to full size of the plain
data block (defined by the algorithm)!

c(RS_CRYPTO_02202)
[SWS_CRYPT_20811]{DRAFT} d
Kind: function
Symbol: Reset()
Scope: class ara::crypto::cryp::DecryptorPrivateCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::DecryptorPrivate
Ctx::Reset () noexcept=0;
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/decryptor_private_ctx.h"
Description: Clear the crypto context.

c(RS_CRYPTO_02202)

160 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_20810]{DRAFT} d
Kind: function
Symbol: SetKey(const PrivateKey &key)
Scope: class ara::crypto::cryp::DecryptorPrivateCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::DecryptorPrivate
Ctx::SetKey (const PrivateKey &key) noexcept=0;
Parameters (in): key the source key object
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kIncompatible if the provided key object is incompatible with this
Object symmetric key context
CryptoErrorDomain::kUsageViolation if the transformation type associated with this
context is prohibited by the "allowed usage"
restrictions of provided key object
Header file: #include "ara/crypto/cryp/decryptor_private_ctx.h"
Description: Set (deploy) a key to the decryptor private algorithm context.

c(RS_CRYPTO_02001, RS_CRYPTO_02003)
[SWS_CRYPT_29013]{DRAFT} d
Kind: function
Symbol: Compare(ReadOnlyMemRegion expected, std::size_t offset=0)
Scope: class ara::crypto::cryp::DigestService
Syntax: virtual ara::core::Result<bool> ara::crypto::cryp::Digest
Service::Compare (ReadOnlyMemRegion expected, std::size_t offset=0)
const noexcept=0;
Parameters (in): expected the memory region containing an expected digest
value
offset position of the first byte in calculated digest for the
comparison starting
Return value: ara::core::Result< bool > true if the expected bytes sequence is identical to
first bytes of calculated digest
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not finished by a call of
Finished the Finish() method
CryptoErrorDomain::kBruteForceRisk if the buffered digest belongs to a MAC/HMAC/AE/
AEAD context, which was initialized by a key without
kAllowSignature permission, but actual size of
requested digest is less than 8 bytes (it is a
protection from the brute-force attack)
Header file: #include "ara/crypto/cryp/digest_service.h"
Description: Compare the calculated digest against an expected value. Entire digest value is kept in the
context up to next call Start(), therefore any its part can be verified again or extracted. If (full_
digest_size <= offset) || (expected.size() == 0) then return false; else comparison_size =
min(expected.size(), (full_digest_size - offset)) bytes. This method can be implemented as
"inline" after standartization of function ara::core::memcmp().

c(RS_CRYPTO_02309)

161 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_29012]{DRAFT} d
Kind: function
Symbol: GetDigestSize()
Scope: class ara::crypto::cryp::DigestService
Syntax: virtual std::size_t ara::crypto::cryp::DigestService::GetDigestSize ()
const noexcept=0;
Return value: std::size_t size of the full output from this digest-function in
bytes
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/digest_service.h"
Description: Get the output digest size.

c(RS_CRYPTO_02309)
[SWS_CRYPT_29015]{DRAFT} d
Kind: function
Symbol: IsFinished()
Scope: class ara::crypto::cryp::DigestService
Syntax: virtual bool ara::crypto::cryp::DigestService::IsFinished () const
noexcept=0;
Return value: bool true if a previously started stream processing was
finished by a call of the Finish() or FinishBytes()
methods
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/digest_service.h"
Description: Check current status of the stream processing: finished or no.

c(RS_CRYPTO_02309)
[SWS_CRYPT_29014]{DRAFT} d
Kind: function
Symbol: IsStarted()
Scope: class ara::crypto::cryp::DigestService
Syntax: virtual bool ara::crypto::cryp::DigestService::IsStarted () const
noexcept=0;
Return value: bool true if the processing was start by a call of the
Start() methods and was not finished yet
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/digest_service.h"
Description: Check current status of the stream processing: started or no.

c(RS_CRYPTO_02309)

162 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_21002]{DRAFT} d
Kind: function
Symbol: GetCryptoService()
Scope: class ara::crypto::cryp::EncryptorPublicCtx
Syntax: virtual CryptoService::Uptr ara::crypto::cryp::EncryptorPublicCtx::Get
CryptoService () const noexcept=0;
Return value: CryptoService::Uptr –
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/encryptor_public_ctx.h"
Description: Get CryptoService instance.

c(RS_CRYPTO_02006)
[SWS_CRYPT_21012]{DRAFT} d
Kind: function
Symbol: ProcessBlock(ReadOnlyMemRegion in, bool suppressPadding=false)
Scope: class ara::crypto::cryp::EncryptorPublicCtx
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::cryp::EncryptorPublicCtx::ProcessBlock (ReadOnlyMemRegion
in, bool suppressPadding=false) const noexcept=0;
Parameters (in): in the input data block
suppressPadding if true then the method doesn’t apply the padding,
but the payload should fill the whole block of the
plain data
Return value: ara::core::Result< ara::core::Vector< actual size of output data (it always <= out.size()) or
ara::core::Byte > > 0 if the input data block has incorrect content
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kIncorrectInput if the mentioned above rules about the input size is
Size violated
CryptoErrorDomain::kUninitialized if the context was not initialized by a key value
Context
Header file: #include "ara/crypto/cryp/encryptor_public_ctx.h"
Description: Process (encrypt / decrypt) an input block according to the cryptor configuration. Encryption
with (suppressPadding == true) expects that: in.size() == GetMaxInputSize(true) && out.size()
>= GetMaxOutputSize(true). Encryption with (suppressPadding == false) expects that: in.size()
<= GetMaxInputSize(false) && in.size() > 0 && out.size() >= GetMaxOutputSize(false).
Decryption expects that: in.size() == GetMaxInputSize() && out.size() >= GetMaxOutput
Size(suppressPadding). The case (out.size() < GetMaxOutputSize()) should be used with
caution, only if you are strictly certain about the size of the output data! In case of (suppress
Padding == true) the actual size of plain text should be equal to full size of the plain data block
(defined by the algorithm)!

c(RS_CRYPTO_02202)
[SWS_CRYPT_21013]{DRAFT} d
Kind: function
Symbol: ProcessBlock(ReadOnlyMemRegion in, bool suppressPadding=false)
Scope: class ara::crypto::cryp::EncryptorPublicCtx
5

163 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Syntax: template <typename Alloc = <implementation-defined>>
ara::core::Result<ByteVector<Alloc> > ara::crypto::cryp::Encryptor
PublicCtx::ProcessBlock (ReadOnlyMemRegion in, bool suppress
Padding=false) const noexcept;
Template param: Alloc a custom allocator type of the output container
Parameters (in): in the input data block
suppressPadding if true then the method doesn’t apply the padding,
but the payload should fill the whole block of the
plain data
Return value: ara::core::Result< ByteVector< Alloc > the managed container for output block
>
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kIncorrectInput if the mentioned above rules about the input size is
Size violated
CryptoErrorDomain::kInsufficient if the out.size() is not enough to store the
Capacity transformation result
CryptoErrorDomain::kUninitialized if the context was not initialized by a key value
Context
Header file: #include "ara/crypto/cryp/encryptor_public_ctx.h"
Description: Process (encrypt / decrypt) an input block according to the cryptor configuration. This method
sets the size of the output container according to actually saved value! Encryption with
(suppressPadding == true) expects what: in.size() == GetMaxInputSize(true) && out.capacity()
>= GetMaxOutputSize(true). Encryption with (suppressPadding == false) expects what:
in.size() <= GetMaxInputSize(false) && in.size() > 0 && out.capacity() >= GetMaxOutput
Size(false). Decryption expects what: in.size() == GetMaxInputSize() && out.capacity() >= Get
MaxOutputSize(suppressPadding). The case (out.capacity() < GetMaxOutputSize()) should be
used with caution, only if you are strictly certain about the size of the output data! In case of
(suppressPadding == true) the actual size of plain text should be equal to full size of the plain
data block (defined by the algorithm)!

c(RS_CRYPTO_02202)
[SWS_CRYPT_21011]{DRAFT} d
Kind: function
Symbol: Reset()
Scope: class ara::crypto::cryp::EncryptorPublicCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::EncryptorPublic
Ctx::Reset () noexcept=0;
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/encryptor_public_ctx.h"
Description: Clear the crypto context.

c(RS_CRYPTO_02202)

164 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_21010]{DRAFT} d
Kind: function
Symbol: SetKey(const PublicKey &key)
Scope: class ara::crypto::cryp::EncryptorPublicCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::EncryptorPublic
Ctx::SetKey (const PublicKey &key) noexcept=0;
Parameters (in): key the source key object
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kIncompatible if the provided key object is incompatible with this
Object symmetric key context
CryptoErrorDomain::kUsageViolation if the transformation type associated with this
context is prohibited by the "allowed usage"
restrictions of provided key object
Header file: #include "ara/crypto/cryp/encryptor_public_ctx.h"
Description: Set (deploy) a key to the encryptor public algorithm context.

c(RS_CRYPTO_02001, RS_CRYPTO_02003)
[SWS_CRYPT_29041]{DRAFT} d
Kind: function
Symbol: ~ExtensionService()
Scope: class ara::crypto::cryp::ExtensionService
Syntax: virtual ara::crypto::cryp::ExtensionService::~ExtensionService ()
noexcept=default;
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Destructor.

c(RS_CRYPTO_02309)
[SWS_CRYPT_29045]{DRAFT} d
Kind: function
Symbol: GetActualKeyBitLength()
Scope: class ara::crypto::cryp::ExtensionService
Syntax: virtual std::size_t ara::crypto::cryp::ExtensionService::GetActualKey
BitLength () const noexcept=0;
Return value: std::size_t actual length of a key (now set to the algorithm
context) in bits
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Get actual bit-length of a key loaded to the context. If no key was set to the context yet then 0 is
returned.

c(RS_CRYPTO_02309)

165 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_29047]{DRAFT} d
Kind: function
Symbol: GetActualKeyCOUID()
Scope: class ara::crypto::cryp::ExtensionService
Syntax: virtual CryptoObjectUid ara::crypto::cryp::ExtensionService::GetActual
KeyCOUID () const noexcept=0;
Return value: CryptoObjectUid the COUID of the CryptoObject
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Get the COUID of the key deployed to the context this extension service is attached to. If no key
was set to the context yet then an empty COUID (Nil) is returned.

c(RS_CRYPTO_02309)
[SWS_CRYPT_29046]{DRAFT} d
Kind: function
Symbol: GetAllowedUsage()
Scope: class ara::crypto::cryp::ExtensionService
Syntax: virtual AllowedUsageFlags ara::crypto::cryp::ExtensionService::Get
AllowedUsage () const noexcept=0;
Return value: AllowedUsageFlags a combination of bit-flags that specifies allowed
usages of the context
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Get allowed usages of this context (according to the key object attributes loaded to this context).
If the context is not initialized by a key object yet then zero (all flags are reset) must be returned.

c(RS_CRYPTO_02008)
[SWS_CRYPT_29044]{DRAFT} d
Kind: function
Symbol: GetMaxKeyBitLength()
Scope: class ara::crypto::cryp::ExtensionService
Syntax: virtual std::size_t ara::crypto::cryp::ExtensionService::GetMaxKeyBit
Length () const noexcept=0;
Return value: std::size_t maximal supported length of the key in bits
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Get maximal supported key length in bits.

c(RS_CRYPTO_02309)

166 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_29043]{DRAFT} d
Kind: function
Symbol: GetMinKeyBitLength()
Scope: class ara::crypto::cryp::ExtensionService
Syntax: virtual std::size_t ara::crypto::cryp::ExtensionService::GetMinKeyBit
Length () const noexcept=0;
Return value: std::size_t minimal supported length of the key in bits
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Get minimal supported key length in bits.

c(RS_CRYPTO_02309)
[SWS_CRYPT_29048]{DRAFT} d
Kind: function
Symbol: IsKeyBitLengthSupported(std::size_t keyBitLength)
Scope: class ara::crypto::cryp::ExtensionService
Syntax: virtual bool ara::crypto::cryp::ExtensionService::IsKeyBitLength
Supported (std::size_t keyBitLength) const noexcept=0;
Parameters (in): keyBitLength length of the key in bits
Return value: bool true if provided value of the key length is supported
by the context
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Verify supportness of specific key length by the context.

c(RS_CRYPTO_02309)
[SWS_CRYPT_29049]{DRAFT} d
Kind: function
Symbol: IsKeyAvailable()
Scope: class ara::crypto::cryp::ExtensionService
Syntax: virtual bool ara::crypto::cryp::ExtensionService::IsKeyAvailable ()
const noexcept=0;
Return value: bool FALSE if no key has been set
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Check if a key has been set to this context.

c(RS_CRYPTO_02309)

167 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_30218]{DRAFT} d
Kind: function
Symbol: operator=(const ExtensionService &other)
Scope: class ara::crypto::cryp::ExtensionService
Syntax: ExtensionService& ara::crypto::cryp::ExtensionService::operator=
(const ExtensionService &other)=default;
Parameters (in): other the other instance
Return value: ExtensionService & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Copy-assign another ExtensionService to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_30219]{DRAFT} d
Kind: function
Symbol: operator=(ExtensionService &&other)
Scope: class ara::crypto::cryp::ExtensionService
Syntax: ExtensionService& ara::crypto::cryp::ExtensionService::operator= (
ExtensionService &&other)=default;
Parameters (in): other the other instance
Return value: ExtensionService & *this, containing the contents of other
Header file: #include "ara/crypto/cryp/extension_service.h"
Description: Move-assign another ExtensionService to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_21115]{DRAFT} d
Kind: function
Symbol: Finish()
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::cryp::HashFunctionCtx::Finish () noexcept=0;
Return value: ara::core::Result< ara::core::Vector< output data buffer
ara::core::Byte > >
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if Start() has not been successfully called before.
Started
CryptoErrorDomain::kInvalidUsage if Update() has not been called successfully after the
Order last call to Start()
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Finish the digest calculation and optionally produce the "signature" object. Only after call of this
method the digest can be signed, verified, extracted or compared.

c(RS_CRYPTO_02302, RS_CRYPTO_02205)

168 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_21102]{DRAFT} d
Kind: function
Symbol: GetDigestService()
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: virtual DigestService::Uptr ara::crypto::cryp::HashFunctionCtx::Get
DigestService () const noexcept=0;
Return value: DigestService::Uptr –
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Get DigestService instance.

c(RS_CRYPTO_02006)
[SWS_CRYPT_21116]{DRAFT} d
Kind: function
Symbol: GetDigest(std::size_t offset=0)
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::cryp::HashFunctionCtx::GetDigest (std::size_t offset=0)
const noexcept=0;
Parameters (in): offset position of the first byte of digest that should be
placed to the output buffer
Return value: ara::core::Result< ara::core::Vector< number of digest bytes really stored to the output
ara::core::Byte > > buffer (they are always <= output.size() and denoted
below as return_size)
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not finished by a call of
Finished the Finish() method
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Get requested part of calculated digest. Entire digest value is kept in the context up to next call
Start(), therefore any its part can be extracted again or verified. If (full_digest_size <= offset)
then return_size = 0 bytes; else return_size = min(output.size(), (full_digest_size - offset))
bytes. This method can be implemented as "inline" after standartization of function
ara::core::memcpy().

c(RS_CRYPTO_02205)
[SWS_CRYPT_21117]{DRAFT} d
Kind: function
Symbol: GetDigest(std::size_t offset=0)
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: template <typename Alloc = <implementation-defined>>
ara::core::Result<ByteVector<Alloc> > ara::crypto::cryp::HashFunction
Ctx::GetDigest (std::size_t offset=0) const noexcept;
Template param: Alloc a custom allocator type of the output container
Parameters (in): offset position of first byte of digest that should be placed
to the output buffer
Return value: ara::core::Result< ByteVector< Alloc > –
>
5

169 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not finished by a call of
Finished the Finish() method
CryptoErrorDomain::kUsageViolation if the buffered digest belongs to a MAC/HMAC/AE/
AEAD context initialized by a key without kAllow
Signature permission
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Get requested part of calculated digest to pre-reserved managed container. This method sets
the size of the output container according to actually saved value. Entire digest value is kept in
the context up to next call Start(), therefore any its part can be extracted again or verified. If
(full_digest_size <= offset) then return_size = 0 bytes; else return_size = min(output.capacity(),
(full_digest_size - offset)) bytes.

c(RS_CRYPTO_02205)
[SWS_CRYPT_21118]{DRAFT} d
Kind: function
Symbol: Start()
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::HashFunction
Ctx::Start () noexcept=0;
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kMissing the configured hash function expected an IV
Argument
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Initialize the context for a new data stream processing or generation (depending on the
primitive) without IV.

c(RS_CRYPTO_02302)
[SWS_CRYPT_21110]{DRAFT} d
Kind: function
Symbol: Start(ReadOnlyMemRegion iv)
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::HashFunction
Ctx::Start (ReadOnlyMemRegion iv) noexcept=0;
Parameters (in): iv an optional Initialization Vector (IV) or "nonce" value
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidInputSize if the size of provided IV is not supported (i.e. if it is
not enough for the initialization)
CryptoErrorDomain::kUnsupported if the base algorithm (or its current implementation)
principally doesn’t support the IV variation, but
provided IV value is not empty, i.e. if (iv.empty() ==
false)
5

170 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Initialize the context for a new data stream processing or generation (depending on the
primitive). If IV size is greater than maximally supported by the algorithm then an
implementation may use the leading bytes only from the sequence.

c(RS_CRYPTO_02302)
[SWS_CRYPT_21111]{DRAFT} d
Kind: function
Symbol: Start(const SecretSeed &iv)
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::HashFunction
Ctx::Start (const SecretSeed &iv) noexcept=0;
Parameters (in): iv the Initialization Vector (IV) or "nonce" object
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInvalidInputSize if the size of provided IV is not supported (i.e. if it is
not enough for the initialization)
CryptoErrorDomain::kUnsupported if the base algorithm (or its current implementation)
principally doesn’t support the IV variation
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Initialize the context for a new data stream processing or generation (depending on the
primitive). If IV size is greater than maximally supported by the algorithm then an
implementation may use the leading bytes only from the sequence.

c(RS_CRYPTO_02302)
[SWS_CRYPT_21112]{DRAFT} d
Kind: function
Symbol: Update(const RestrictedUseObject &in)
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::HashFunction
Ctx::Update (const RestrictedUseObject &in) noexcept=0;
Parameters (in): in a part of input message that should be processed
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not initiated by a call of
Started the Start() method
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Update the digest calculation context by a new part of the message. This method is dedicated
for cases then the RestrictedUseObject is a part of the "message".

c(RS_CRYPTO_02302)

171 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_21113]{DRAFT} d
Kind: function
Symbol: Update(ReadOnlyMemRegion in)
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::HashFunction
Ctx::Update (ReadOnlyMemRegion in) noexcept=0;
Parameters (in): in a part of the input message that should be
processed
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not initiated by a call of
Started the Start() method
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Update the digest calculation context by a new part of the message.

c(RS_CRYPTO_02302)
[SWS_CRYPT_21114]{DRAFT} d
Kind: function
Symbol: Update(std::uint8_t in)
Scope: class ara::crypto::cryp::HashFunctionCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::HashFunction
Ctx::Update (std::uint8_t in) noexcept=0;
Parameters (in): in a byte value that is a part of input message
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kProcessingNot if the digest calculation was not initiated by a call of
Started the Start() method
Header file: #include "ara/crypto/cryp/hash_function_ctx.h"
Description: Update the digest calculation context by a new part of the message. This method is convenient
for processing of constant tags.

c(RS_CRYPTO_02302)
[SWS_CRYPT_21312]{DRAFT} d
Kind: function
Symbol: AgreeKey(const PublicKey &otherSideKey, CryptoAlgId targetAlgId, AllowedUsageFlags
allowedUsage, ara::core::Optional< ReadOnlyMemRegion > salt, ara::core::Optional< Read
OnlyMemRegion > ctxLabel)
Scope: class ara::crypto::cryp::KeyAgreementPrivateCtx
Syntax: virtual ara::core::Result<SymmetricKey::Uptrc> ara::crypto::cryp::Key
AgreementPrivateCtx::AgreeKey (const PublicKey &otherSideKey, Crypto
AlgId targetAlgId, AllowedUsageFlags allowedUsage,
ara::core::Optional< ReadOnlyMemRegion > salt, ara::core::Optional<
ReadOnlyMemRegion > ctxLabel) const noexcept=0;
Parameters (in): otherSideKey the public key of the other side of the
Key-Agreement
5

172 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
targetAlgId identifier of the target symmetric algorithm (also
defines a target key-length)
allowedUsage the allowed usage scope of the target key
salt an optional salt value (if used, it should be unique
for each instance of the target key)
ctxLabel an optional application specific "context label" (it can
identify purpose of the target key and/or
communication parties)
Return value: ara::core::Result< Symmetric a unique pointer to SymmetricKey object, which
Key::Uptrc > contains the computed shared secret or key material
produced by the Key-Agreement algorithm
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrc::kUninitializedContext if the context was not initialized by a key value
CryptoErrc::kIncompatibleObject if the public and private keys correspond to different
algorithms
Header file: #include "ara/crypto/cryp/key_agreement_private_ctx.h"
Description: Produce a common symmetric key via execution of the key-agreement algorithm between this
private key and a public key of another side. Produced SymmetricKey object has following
attributes: session, non-exportable. This method can be used for direct production of the target
key, without creation of the intermediate SecretSeed object.

c(RS_CRYPTO_02115)
[SWS_CRYPT_21311]{DRAFT} d
Kind: function
Symbol: AgreeSeed(const PublicKey &otherSideKey, ara::core::Optional< AllowedUsageFlags > allowed
Usage)
Scope: class ara::crypto::cryp::KeyAgreementPrivateCtx
Syntax: virtual ara::core::Result<SecretSeed::Uptrc> ara::crypto::cryp::Key
AgreementPrivateCtx::AgreeSeed (const PublicKey &otherSideKey,
ara::core::Optional< AllowedUsageFlags > allowedUsage) const
noexcept=0;
Parameters (in): otherSideKey the public key of the other side of the
Key-Agreement
allowedUsage the allowed usage scope of the target seed
Return value: ara::core::Result< SecretSeed::Uptrc > unique pointer to SecretSeed object, which contains
the key material produced by the Key-Agreement
algorithm
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrc::kUninitializedContext if the context was not initialized by a key value
CryptoErrc::kIncompatibleObject if the public and private keys correspond to different
algorithms
Header file: #include "ara/crypto/cryp/key_agreement_private_ctx.h"
Description: Produce a common secret seed via execution of the key-agreement algorithm between this
private key and a public key of another side. Produced SecretSeed object has following
attributes: session, non-exportable, AlgID (this Key-Agreement Algorithm ID).

c(RS_CRYPTO_02007)

173 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_21302]{DRAFT} d
Kind: function
Symbol: GetExtensionService()
Scope: class ara::crypto::cryp::KeyAgreementPrivateCtx
Syntax: virtual ExtensionService::Uptr ara::crypto::cryp::KeyAgreementPrivate
Ctx::GetExtensionService () const noexcept=0;
Return value: ExtensionService::Uptr –
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/key_agreement_private_ctx.h"
Description: Get ExtensionService instance.

c(RS_CRYPTO_02006)
[SWS_CRYPT_21314]{DRAFT} d
Kind: function
Symbol: Reset()
Scope: class ara::crypto::cryp::KeyAgreementPrivateCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::KeyAgreementPrivate
Ctx::Reset () noexcept=0;
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/key_agreement_private_ctx.h"
Description: Clear the crypto context.

c(RS_CRYPTO_02108)
[SWS_CRYPT_21313]{DRAFT} d
Kind: function
Symbol: SetKey(const PrivateKey &key)
Scope: class ara::crypto::cryp::KeyAgreementPrivateCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::KeyAgreementPrivate
Ctx::SetKey (const PrivateKey &key) noexcept=0;
Parameters (in): key the source key object
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrc::kIncompatibleObject if the provided key object is incompatible with this
private key context
CryptoErrc::kUsageViolation if the transformation type associated with this
context is prohibited by the "allowed usage"
restrictions of provided key object
Header file: #include "ara/crypto/cryp/key_agreement_private_ctx.h"
Description: Set (deploy) a key to the key agreement private algorithm context.

c(RS_CRYPTO_02001, RS_CRYPTO_02003)

174 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_21315]{DRAFT} d
Kind: function
Symbol: SetKDF(const KeyDerivationFunctionCtx &kdf)
Scope: class ara::crypto::cryp::KeyAgreementPrivateCtx
Syntax: virtual void ara::crypto::cryp::KeyAgreementPrivateCtx::SetKDF (const
KeyDerivationFunctionCtx &kdf) const noexcept=0;
Parameters (in): kdf the KeyDerivationFunctionCtx that shall be used to
derive the final SymmetricKey or SecretSeed.
Return value: None
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/key_agreement_private_ctx.h"
Description: This interface may be used to provide a KDF in case no KDF was specified during context
creation or the default parameters of the specified KDF are insufficient or the specified KDF
must be replaced.

c(RS_CRYPTO_02115)
[SWS_CRYPT_21412]{DRAFT} d
Kind: function
Symbol: DecapsulateKey(ReadOnlyMemRegion input, CryptoAlgId keyingDataAlgId, KeyDerivation
FunctionCtx &kdf, CryptoAlgId kekAlgId, ara::core::Optional< AllowedUsageFlags > allowed
Usage)
Scope: class ara::crypto::cryp::KeyDecapsulatorPrivateCtx
Syntax: virtual ara::core::Result<SymmetricKey::Uptrc> ara::crypto::cryp::Key
DecapsulatorPrivateCtx::DecapsulateKey (ReadOnlyMemRegion input,
CryptoAlgId keyingDataAlgId, KeyDerivationFunctionCtx &kdf, CryptoAlg
Id kekAlgId, ara::core::Optional< AllowedUsageFlags > allowedUsage)
const noexcept=0;
Parameters (in): input an input buffer (its size should be equal Get
EncapsulatedSize() bytes)
keyingDataAlgId algorithm ID of the returned symmetric key
kdf a context of a key derivation function, which should
be used for KEK production
kekAlgId an algorithm ID of the KEK
allowedUsage the allowed usage scope of the returned symmetric
key object (default = kAllowKdfMaterialAnyUsage)
Return value: ara::core::Result< Symmetric unique smart pointer of the symmetric key object
Key::Uptrc > instantiated from the decapsulated keying data
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrc::kUninitializedContext if the context was not initialized by a private key
value
CryptoErrc::kInvalidArgument if kekAlgId or kdf are incompatible with this context
CryptoErrc::kInvalidInputSize if this context does not support the size of input
Header file: #include "ara/crypto/cryp/key_decapsulator_private_ctx.h"
Description: Decapsulate the keying data to be used for subsequent processing (e.g. secure
communication). Produced SymmetricKey object has following attributes: session,
non-exportable.

c(RS_CRYPTO_02102, RS_CRYPTO_02108, RS_CRYPTO_02115)

175 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_21411]{DRAFT} d
Kind: function
Symbol: DecapsulateSeed(ReadOnlyMemRegion input, ara::core::Optional< AllowedUsageFlags >
allowedUsage)
Scope: class ara::crypto::cryp::KeyDecapsulatorPrivateCtx
Syntax: virtual ara::core::Result<SecretSeed::Uptrc> ara::crypto::cryp::Key
DecapsulatorPrivateCtx::DecapsulateSeed (ReadOnlyMemRegion input,
ara::core::Optional< AllowedUsageFlags > allowedUsage) const
noexcept=0;
Parameters (in): input a buffer with the encapsulated seed (its size should
be equal GetEncapsulatedSize() bytes)
allowedUsage the allowed usage scope of the target seed (default
= kAllowKdfMaterialAnyUsage)
Return value: ara::core::Result< SecretSeed::Uptrc > unique smart pointer to SecretSeed object, which
keeps the key material decapsulated from the input
buffer
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrc::kUninitializedContext if the context was not initialized by a private key
value
CryptoErrc::kInvalidInputSize if this context does not support the size of input
Header file: #include "ara/crypto/cryp/key_decapsulator_private_ctx.h"
Description: Decapsulate key material. Produced SecretSeed object has following attributes: session,
non-exportable, AlgID = this KEM AlgID.

c(RS_CRYPTO_02007)
[SWS_CRYPT_21416]{DRAFT} d
Kind: function
Symbol: GetEncapsulatedSize()
Scope: class ara::crypto::cryp::KeyDecapsulatorPrivateCtx
Syntax: virtual std::size_t ara::crypto::cryp::KeyDecapsulatorPrivateCtx::Get
EncapsulatedSize () const noexcept=0;
Return value: std::size_t size of the encapsulated data block in bytes
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/key_decapsulator_private_ctx.h"
Description: Get fixed size of the encapsulated data block.

c(RS_CRYPTO_02309)
[SWS_CRYPT_21402]{DRAFT} d
Kind: function
Symbol: GetExtensionService()
Scope: class ara::crypto::cryp::KeyDecapsulatorPrivateCtx
Syntax: virtual ExtensionService::Uptr ara::crypto::cryp::KeyDecapsulator
PrivateCtx::GetExtensionService () const noexcept=0;
Return value: ExtensionService::Uptr –
Exception Safety: noexcept
5

176 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Header file: #include "ara/crypto/cryp/key_decapsulator_private_ctx.h"
Description: Get ExtensionService instance.

c(RS_CRYPTO_02006)
[SWS_CRYPT_21415]{DRAFT} d
Kind: function
Symbol: GetKekEntropy()
Scope: class ara::crypto::cryp::KeyDecapsulatorPrivateCtx
Syntax: virtual std::size_t ara::crypto::cryp::KeyDecapsulatorPrivateCtx::Get
KekEntropy () const noexcept=0;
Return value: std::size_t entropy of the KEK material in bits
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/key_decapsulator_private_ctx.h"
Description: Get entropy (bit-length) of the key encryption key (KEK) material. For RSA system the returned
value corresponds to the length of module N (minus 1). For DH-like system the returned value
corresponds to the length of module q (minus 1).

c(RS_CRYPTO_02309)
[SWS_CRYPT_21414]{DRAFT} d
Kind: function
Symbol: Reset()
Scope: class ara::crypto::cryp::KeyDecapsulatorPrivateCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::KeyDecapsulator
PrivateCtx::Reset () noexcept=0;
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/key_decapsulator_private_ctx.h"
Description: Clear the crypto context.

c(RS_CRYPTO_02108)
[SWS_CRYPT_21413]{DRAFT} d
Kind: function
Symbol: SetKey(const PrivateKey &key)
Scope: class ara::crypto::cryp::KeyDecapsulatorPrivateCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::KeyDecapsulator
PrivateCtx::SetKey (const PrivateKey &key) noexcept=0;
Parameters (in): key the source key object
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
5

177 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
Errors: CryptoErrc::kIncompatibleObject if the provided key object is incompatible with this
private key context
CryptoErrc::kUsageViolation if the transformation type associated with this
context is prohibited by the "allowed usage"
restrictions of provided key object
Header file: #include "ara/crypto/cryp/key_decapsulator_private_ctx.h"
Description: Set (deploy) a key to the key decapsulator private algorithm context.

c(RS_CRYPTO_02001, RS_CRYPTO_02003)
[SWS_CRYPT_21512]{DRAFT} d
Kind: function
Symbol: AddSalt(ReadOnlyMemRegion salt)
Scope: class ara::crypto::cryp::KeyDerivationFunctionCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::KeyDerivation
FunctionCtx::AddSalt (ReadOnlyMemRegion salt) noexcept=0;
Parameters (in): salt a salt value (if used, it should be unique for each
instance of the target key)
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/key_derivation_function_ctx.h"
Description: Add a salt value stored in a (non-secret) ReadOnlyMemRegion.

c(RS_CRYPTO_02102, RS_CRYPTO_02107, RS_CRYPTO_02108, RS_CRYPTO_-

02111)
[SWS_CRYPT_21513]{DRAFT} d
Kind: function
Symbol: AddSecretSalt(const SecretSeed &salt)
Scope: class ara::crypto::cryp::KeyDerivationFunctionCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::KeyDerivation
FunctionCtx::AddSecretSalt (const SecretSeed &salt) noexcept=0;
Parameters (in): salt a salt value (if used, it should be unique for each
instance of the target key)
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/key_derivation_function_ctx.h"
Description: Add a secret salt value stored in a SecretSeed object.

c(RS_CRYPTO_02102, RS_CRYPTO_02107, RS_CRYPTO_02108, RS_CRYPTO_-

02111)

178 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

[SWS_CRYPT_21514]{DRAFT} d
Kind: function
Symbol: ConfigIterations(std::uint32_t iterations=0)
Scope: class ara::crypto::cryp::KeyDerivationFunctionCtx
Syntax: virtual std::uint32_t ara::crypto::cryp::KeyDerivationFunction
Ctx::ConfigIterations (std::uint32_t iterations=0) noexcept=0;
Parameters (in): iterations the required number of iterations of the base
function (0 means implementation default number)
Return value: std::uint32_t actual number of the iterations configured in the
context now (after this method call)
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/key_derivation_function_ctx.h"
Description: Configure the number of iterations that will be applied by default. Implementation can restrict
minimal and/or maximal value of the iterations number.

c(RS_CRYPTO_02309)
[SWS_CRYPT_21515]{DRAFT} d
Kind: function
Symbol: DeriveKey(bool isSession=true, bool isExportable=false)
Scope: class ara::crypto::cryp::KeyDerivationFunctionCtx
Syntax: virtual ara::core::Result<SymmetricKey::Uptrc> ara::crypto::cryp::Key
DerivationFunctionCtx::DeriveKey (bool isSession=true, bool is
Exportable=false) const noexcept=0;
Parameters (in): isSession the "session" (or "temporary") attribute for the target
key (if true)
isExportable the exportability attribute for the target key (if true)
Return value: ara::core::Result< Symmetric unique smart pointer to the created instance of
Key::Uptrc > derived symmetric key
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUninitialized if the context was not sufficiently initialized
Context
Header file: #include "ara/crypto/cryp/key_derivation_function_ctx.h"
Description: Derive a symmetric key from the provided key material and provided context configuration.

c(RS_CRYPTO_02102, RS_CRYPTO_02107, RS_CRYPTO_02108, RS_CRYPTO_-

02111, RS_CRYPTO_02115)
[SWS_CRYPT_21516]{DRAFT} d
Kind: function
Symbol: DeriveSeed(bool isSession=true, bool isExportable=false)
Scope: class ara::crypto::cryp::KeyDerivationFunctionCtx
Syntax: virtual ara::core::Result<SecretSeed::Uptrc> ara::crypto::cryp::Key
DerivationFunctionCtx::DeriveSeed (bool isSession=true, bool is
Exportable=false) const noexcept=0;
Parameters (in): isSession the "session" (or "temporary") attribute for the target
key (if true)
5

179 of 352 Document ID 883: AUTOSAR_SWS_Cryptography

 Specification of Cryptography
AUTOSAR AP R22-11

4
isExportable the exportability attribute for the target key (if true)
Return value: ara::core::Result< SecretSeed::Uptrc > unique smart pointer to the created SecretSeed
object
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUninitialized if the context was not sufficiently initialized
Context
Header file: #include "ara/crypto/cryp/key_derivation_function_ctx.h"
Description: Derive a "slave" key material (secret seed) from the provided "master" key material and
provided context configuration.

c(RS_CRYPTO_02007)
[SWS_CRYPT_21524]{DRAFT} d
Kind: function
Symbol: Reset()
Scope: class ara::crypto::cryp::KeyDerivationFunctionCtx
Syntax: virtual ara::core::Result<void> ara::crypto::cryp::KeyDerivation
FunctionCtx::Reset () noexcept=0;
Return value: ara::core::Result< void > –
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/cryp/key_derivation_function_ctx.h"
Description: Clear the crypto context.

c(RS_CRYPTO_02108)
[SWS_CRYPT_21517]{DRAFT} d
Kind: function
Symbol: GetExtensionService()
Scope: class ara::crypto::cryp::KeyDerivationFunctionCtx
Syntax: virtual ExtensionService::Uptr ara::crypto::cryp::KeyDerivation
FunctionCtx::GetExtensionService () const noexcept=0;
Return value: ExtensionService::Uptr –
Exception Safety: noexcept
Header file: #include "ara/crypto/cryp/key_derivation_function_ctx.h"
Description: Get ExtensionService instance.

c(RS_CRYPTO_02006)
[SWS_CRYPT_21519]{DRAFT} d
Kind: function
Symbol: GetKeyIdSize()
Scope: class ara::crypto::cryp::KeyDerivationFunctionCtx
Syntax: virtual std::size_t ara::crypto::cryp::KeyDerivationFunctionCtx::Get
KeyIdSize () const noexcept=0;
5

180 of 352 Document ID 883: AUTOSAR_SWS_Cryptography