AUTOSAR SWS Cryptography-Pages-6

The document describes various type aliases, constants, and other symbols used in X.509 certificate parsing and validation. It includes type aliases for unique and shared pointers used to manage memory. It also includes constants for key constraints in X.509 certificates.

Uploaded by

Thanh Nguyễn

Specification of Cryptography

AUTOSAR AP R22-11

Syntax: using ara::crypto::x509::X509DN::Uptrc = std::unique_ptr<const X509DN>;
Header file: #include "ara/crypto/x509/x509_dn.h"
Description: Unique smart pointer of the constant interface.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40401]{DRAFT} ⌈
Kind: type alias
Symbol: Uptr
Scope: class ara::crypto::x509::X509DN
Derived from: std::unique_ptr<X509DN>
Syntax: using ara::crypto::x509::X509DN::Uptr = std::unique_ptr<X509DN>;
Header file: #include "ara/crypto/x509/x509_dn.h"
Description: Unique smart pointer of the interface.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40501]{DRAFT} ⌈
Kind: type alias
Symbol: Uptr
Scope: class ara::crypto::x509::X509Extensions
Derived from: std::unique_ptr<X509Extensions>
Syntax: using ara::crypto::x509::X509Extensions::Uptr = std::unique_ptr<X509Extensions>;
Header file: #include "ara/crypto/x509/x509_extensions.h"
Description: Shared smart pointer of the interface.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_24401]{DRAFT} ⌈
Kind: type alias
Symbol: Uptrc
Scope: class ara::crypto::x509::X509PublicKeyInfo
Derived from: std::unique_ptr<const X509PublicKeyInfo>
Syntax: using ara::crypto::x509::X509PublicKeyInfo::Uptrc = std::unique_ptr<const X509PublicKeyInfo>;
Header file: #include "ara/crypto/x509/x509_public_key_info.h"
Description: Unique smart pointer of the interface.

⌋(RS_CRYPTO_02307)

301 of 352 Document ID 883: AUTOSAR_SWS_Cryptography



[SWS_CRYPT_40601]{DRAFT} ⌈
Kind: type alias
Symbol: Uptr
Scope: class ara::crypto::x509::X509Provider
Derived from: std::unique_ptr<X509Provider>
Syntax: using ara::crypto::x509::X509Provider::Uptr = std::unique_ptr<X509Provider>;
Header file: #include "ara/crypto/x509/x509_provider.h"
Description: Shared smart pointer of the interface.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40602]{DRAFT} ⌈
Kind: type alias
Symbol: StorageIndex
Scope: class ara::crypto::x509::X509Provider
Derived from: std::size_t
Syntax: using ara::crypto::x509::X509Provider::StorageIndex = std::size_t;
Header file: #include "ara/crypto/x509/x509_provider.h"
Description: Type of an internal index inside the certificate storage.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40935]{DRAFT} ⌈
Kind: type alias
Symbol: BitString
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: std::pair<ara::crypto::ReadOnlyMemRegion, NumberOfUnusedBits>
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::BitString = std::pair<ara::crypto::ReadOnlyMemRegion, NumberOfUnusedBits>;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40941]{DRAFT} ⌈
Kind: type alias
Symbol: GeneralizedTime
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: ara::core::StringView
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::GeneralizedTime = ara::core::StringView;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)

[SWS_CRYPT_40940]{DRAFT} ⌈
Kind: type alias
Symbol: Ia5String
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: ara::core::StringView
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::Ia5String = ara::core::StringView;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40933]{DRAFT} ⌈
Kind: type alias
Symbol: Integer
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: ara::crypto::ReadOnlyMemRegion
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::Integer = ara::crypto::ReadOnlyMemRegion;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40934]{DRAFT} ⌈
Kind: type alias
Symbol: NumberOfUnusedBits
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: std::uint8_t
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::NumberOfUnusedBits = std::uint8_t;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40936]{DRAFT} ⌈
Kind: type alias
Symbol: OctetString
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: ara::crypto::ReadOnlyMemRegion
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::OctetString = ara::crypto::ReadOnlyMemRegion;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)

[SWS_CRYPT_40937]{DRAFT} ⌈
Kind: type alias
Symbol: Oid
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: ara::core::StringView
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::Oid = ara::core::StringView;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40939]{DRAFT} ⌈
Kind: type alias
Symbol: PrintableString
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: ara::core::StringView
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::PrintableString = ara::core::StringView;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40942]{DRAFT} ⌈
Kind: type alias
Symbol: UtcTime
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: ara::core::StringView
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::UtcTime = ara::core::StringView;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40938]{DRAFT} ⌈
Kind: type alias
Symbol: Utf8String
Scope: class ara::crypto::x509::X509CustomExtensionsParser
Derived from: ara::crypto::ReadOnlyMemRegion
Syntax: using ara::crypto::x509::X509CustomExtensionsParser::Utf8String = ara::crypto::ReadOnlyMemRegion;
Header file: #include "ara/crypto/x509/x509_custom_extension_parser.h"
Description: Type alias.

⌋(RS_CRYPTO_02306)

[SWS_CRYPT_40157]{DRAFT} ⌈
Kind: variable
Symbol: kConstrCrlSign
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrCrlSign = 0x0200;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: The key can be used for Certificate Revocation List (CRL) signing.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40154]{DRAFT} ⌈
Kind: variable
Symbol: kConstrDataEncipherment
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrDataEncipherment = 0x1000;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: The key can be used for data encipherment.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40159]{DRAFT} ⌈
Kind: variable
Symbol: kConstrDecipherOnly
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrDecipherOnly = 0x0080;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: The encipherment key can be used for deciphering only.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40151]{DRAFT} ⌈
Kind: variable
Symbol: kConstrDigitalSignature
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrDigitalSignature = 0x8000;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: The key can be used for digital signature production.

⌋(RS_CRYPTO_02306)

[SWS_CRYPT_40158]{DRAFT} ⌈
Kind: variable
Symbol: kConstrEncipherOnly
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrEncipherOnly = 0x0100;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: The encipherment key can be used for enciphering only.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40155]{DRAFT} ⌈
Kind: variable
Symbol: kConstrKeyAgreement
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrKeyAgreement = 0x0800;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: The key can be used for a key agreement protocol execution.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40156]{DRAFT} ⌈
Kind: variable
Symbol: kConstrKeyCertSign
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrKeyCertSign = 0x0400;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: The key can be used for certificates signing.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40153]{DRAFT} ⌈
Kind: variable
Symbol: kConstrKeyEncipherment
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrKeyEncipherment = 0x2000;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: The key can be used for key encipherment.

⌋(RS_CRYPTO_02306)

[SWS_CRYPT_40152]{DRAFT} ⌈
Kind: variable
Symbol: kConstrNonRepudiation
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrNonRepudiation = 0x4000;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: The key can be used in cases requiring the "non-repudiation" guarantee.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40150]{DRAFT} ⌈
Kind: variable
Symbol: kConstrNone
Scope: class ara::crypto::x509::BasicCertInfo
Type: const KeyConstraints
Syntax: static const KeyConstraints ara::crypto::x509::BasicCertInfo::kConstrNone = 0;
Header file: #include "ara/crypto/x509/basic_cert_info.h"
Description: No key constraints.

⌋(RS_CRYPTO_02306)
[SWS_CRYPT_40603]{DRAFT} ⌈
Kind: variable
Symbol: kInvalidIndex
Scope: class ara::crypto::x509::X509Provider
Type: const StorageIndex
Syntax: static const StorageIndex ara::crypto::x509::X509Provider::kInvalidIndex = static_cast<std::size_t>(-1LL);
Header file: #include "ara/crypto/x509/x509_provider.h"
Description: Reserved "invalid index" value for navigation inside the certificate storage.

⌋(RS_CRYPTO_02306)
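
The kConstr* values listed above follow the bit order of the X.509 KeyUsage BIT STRING: bit 0 (digitalSignature) is the most significant bit of the first content octet, so the mask is the first octet shifted left by 8, OR-ed with the second. The following added example is not part of the AUTOSAR specification; it converts a parsed BitString into that mask and fails closed on malformed input. The MemRegion struct, the 32-bit KeyConstraints type, the sample octets and all function names are stand-ins assumed here.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <utility>

// Stand-ins assumed for this example (the real types live in ara::crypto).
using KeyConstraints = std::uint32_t;
using NumberOfUnusedBits = std::uint8_t;
struct MemRegion { const std::uint8_t* data; std::size_t size; };  // for ReadOnlyMemRegion
using BitString = std::pair<MemRegion, NumberOfUnusedBits>;

// Values copied from the BasicCertInfo constants listed above.
constexpr KeyConstraints kConstrNone = 0;
constexpr KeyConstraints kConstrDigitalSignature = 0x8000;
constexpr KeyConstraints kConstrNonRepudiation = 0x4000;
constexpr KeyConstraints kConstrKeyEncipherment = 0x2000;
constexpr KeyConstraints kConstrDataEncipherment = 0x1000;
constexpr KeyConstraints kConstrKeyAgreement = 0x0800;
constexpr KeyConstraints kConstrKeyCertSign = 0x0400;
constexpr KeyConstraints kConstrCrlSign = 0x0200;
constexpr KeyConstraints kConstrEncipherOnly = 0x0100;
constexpr KeyConstraints kConstrDecipherOnly = 0x0080;
constexpr KeyConstraints kAllDefinedBits = 0xFF80;  // the nine KeyUsage bits

// Maps the content octets of a KeyUsage BIT STRING to a KeyConstraints mask.
// Returns false (and leaves `out` untouched) when the encoding is not acceptable.
bool KeyUsageToConstraints(const BitString& bits, KeyConstraints& out) noexcept {
    const MemRegion& r = bits.first;
    const unsigned unused = bits.second;
    if (r.data == nullptr || r.size == 0 || r.size > 2 || unused > 7) return false;
    const unsigned last = r.data[r.size - 1];
    if ((last & ((1u << unused) - 1u)) != 0) return false;  // padding bits must be zero
    KeyConstraints v = static_cast<KeyConstraints>(r.data[0]) << 8;
    if (r.size == 2) v |= r.data[1];
    if ((v & ~kAllDefinedBits) != 0) return false;          // bits past decipherOnly
    if (v == kConstrNone) return false;                     // RFC 5280: at least one bit set
    out = v;
    return true;
}

// True only if every required usage bit is present. An empty requirement or an
// empty constraint set never passes (fail-closed policy chosen for this example).
bool Permits(KeyConstraints have, KeyConstraints need) noexcept {
    return need != kConstrNone && (have & need) == need;
}

// RFC 5280: encipherOnly/decipherOnly are undefined without keyAgreement.
bool IsConsistent(KeyConstraints c) noexcept {
    const bool directional = (c & (kConstrEncipherOnly | kConstrDecipherOnly)) != 0;
    return !directional || (c & kConstrKeyAgreement) != 0;
}

// Convenience wrapper: kConstrNone signals "rejected".
KeyConstraints ConstraintsOrNone(const std::uint8_t* p, std::size_t n,
                                 NumberOfUnusedBits unused) noexcept {
    KeyConstraints out = kConstrNone;
    return KeyUsageToConstraints(BitString{MemRegion{p, n}, unused}, out) ? out : kConstrNone;
}

// Constructed sample content octets (not taken from any real certificate).
constexpr std::uint8_t kSampleCaUsage[] = {0x06};            // keyCertSign | cRLSign
constexpr std::uint8_t kSampleTlsServerUsage[] = {0xA0};     // digitalSignature | keyEncipherment
constexpr std::uint8_t kSampleDecipherOnly[] = {0x08, 0x80}; // keyAgreement | decipherOnly
constexpr std::uint8_t kSampleBadPadding[] = {0x07};         // padding bit set
constexpr std::uint8_t kSampleUndefinedBit[] = {0x80, 0x40}; // bit 9 is not defined

int main() {
    const KeyConstraints ca = ConstraintsOrNone(kSampleCaUsage, 1, 1);
    std::printf("CA sample: 0x%04X, may sign certificates: %d\n",
                static_cast<unsigned>(ca), Permits(ca, kConstrKeyCertSign));
    const KeyConstraints leaf = ConstraintsOrNone(kSampleTlsServerUsage, 1, 5);
    std::printf("leaf sample: 0x%04X, may sign certificates: %d\n",
                static_cast<unsigned>(leaf), Permits(leaf, kConstrKeyCertSign));
    return 0;
}
```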

8.4 API Common Data Types


[SWS_CRYPT_10015]{DRAFT} ⌈
Kind: type alias
Symbol: AllowedUsageFlags
Scope: namespace ara::crypto
Derived from: std::uint32_t
Syntax: using ara::crypto::AllowedUsageFlags = std::uint32_t;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A container type and constant bit-flags of allowed usages of a key or a secret seed object. Only
directly specified usages of a key are allowed, all others are prohibited! A similar set of flags is
defined for the usage restrictions of the original key/seed and for a symmetric key or seed that
potentially can be derived from the original one. A symmetric key or secret seed can be derived
from the original one only if it supports kAllowKeyAgreement or kAllowKeyDiversify or
kAllowKeyDerivation!

⌋(RS_CRYPTO_02111)
[SWS_CRYPT_10042]{DRAFT} ⌈
Kind: type alias
Symbol: ByteVector
Scope: namespace ara::crypto
Derived from: ara::core::Vector<std::uint8_t, Alloc>
Syntax: using ara::crypto::ByteVector = ara::core::Vector<std::uint8_t, Alloc>;
Template param: Alloc custom allocator of bytes sequences
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Alias of a bytes’ vector template with customizable allocator.

⌋(RS_CRYPTO_02201, RS_CRYPTO_02202, RS_CRYPTO_02203, RS_CRYPTO_02204, RS_CRYPTO_02205, RS_CRYPTO_02206, RS_CRYPTO_02207, RS_CRYPTO_02208, RS_CRYPTO_02209)
[SWS_CRYPT_10014]{DRAFT} ⌈
Kind: type alias
Symbol: CryptoAlgId
Scope: namespace ara::crypto
Derived from: std::uint64_t
Syntax: using ara::crypto::CryptoAlgId = std::uint64_t;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Container type of the Crypto Algorithm Identifier.

⌋(RS_CRYPTO_02102, RS_CRYPTO_02107)
[SWS_CRYPT_10016]{DRAFT} ⌈
Kind: enumeration
Symbol: CryptoObjectType
Scope: namespace ara::crypto
Underlying type: std::uint32_t
Syntax: enum class CryptoObjectType : std::uint32_t {...};
Values: kUndefined= 0 Object type is currently not defined (empty container)
kSymmetricKey= 1 cryp::SymmetricKey object
kPrivateKey= 2 cryp::PrivateKey object
kPublicKey= 3 cryp::PublicKey object
kSignature= 4 cryp::Signature object (asymmetric digital signature or symmetric MAC/HMAC or hash digest)
kSecretSeed= 5 cryp::SecretSeed object. Note: the seed cannot have an associated crypto algorithm!
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Enumeration of all types of crypto objects, i.e. types of content that can be stored to a key slot.

⌋(RS_CRYPTO_02004)
[SWS_CRYPT_10100]{DRAFT} ⌈
Kind: struct
Symbol: CryptoObjectUid
Scope: namespace ara::crypto
Syntax: struct ara::crypto::CryptoObjectUid {...};
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Definition of Crypto Object Unique Identifier (COUID) type.

⌋(RS_CRYPTO_02005, RS_CRYPTO_02006)
[SWS_CRYPT_10017]{DRAFT} ⌈
Kind: enumeration
Symbol: ProviderType
Scope: namespace ara::crypto
Underlying type: std::uint32_t
Syntax: enum class ProviderType : std::uint32_t {...};
Values: kUndefinedProvider= 0 Undefined/Unknown Provider type (or applicable for the whole Crypto Stack)
kCryptoProvider= 1 Cryptography Provider.
kKeyStorageProvider= 2 Key Storage Provider.
kX509Provider= 3 X.509 Provider.
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Enumeration of all known Provider types.

⌋(RS_CRYPTO_02401, RS_CRYPTO_02109)
[SWS_CRYPT_10033]{DRAFT} ⌈
Kind: type alias
Symbol: ReadOnlyMemRegion
Scope: namespace ara::crypto
Derived from: ara::core::Span<const std::uint8_t>
Syntax: using ara::crypto::ReadOnlyMemRegion = ara::core::Span<const std::uint8_t>;
Header file: #include "ara/crypto/common/mem_region.h"
Description: Read-Only Memory Region (intended for [in] arguments)

⌋(RS_CRYPTO_02004)
[SWS_CRYPT_10031]{DRAFT} ⌈
Kind: type alias
Symbol: ReadWriteMemRegion
Scope: namespace ara::crypto
Derived from: ara::core::Span<std::uint8_t>
Syntax: using ara::crypto::ReadWriteMemRegion = ara::core::Span<std::uint8_t>;
Header file: #include "ara/crypto/common/mem_region.h"
Description: Read-Write Memory Region (intended for [in/out] arguments)

⌋(RS_CRYPTO_02004)
[SWS_CRYPT_10099]{DRAFT} ⌈
Kind: enumeration
Symbol: CryptoErrc
Scope: namespace ara::crypto
Underlying type: ara::core::ErrorDomain::CodeType
Syntax: enum class CryptoErrc : ara::core::ErrorDomain::CodeType {...};
Values: kErrorClass= 0x1000000 Reserved (a multiplier of error class IDs)
kErrorSubClass= 0x10000 Reserved (a multiplier of error sub-class IDs)
kErrorSubSubClass= 0x100 Reserved (a multiplier of error sub-sub-class IDs)
kResourceFault= 1 * kErrorClass ResourceException: Generic resource fault!
kBusyResource= kResourceFault + 1 ResourceException: Specified resource is busy!
kInsufficientResource= kResourceFault + 2 ResourceException: Insufficient capacity of specified resource!
kUnreservedResource= kResourceFault + 3 ResourceException: Specified resource was not reserved!
kModifiedResource= kResourceFault + 4 ResourceException: Specified resource has been modified!
kLogicFault= 2 * kErrorClass LogicException: Generic logic fault!
kInvalidArgument= kLogicFault + 1 * kErrorSubClass InvalidArgumentException: An invalid argument value is provided!
kUnknownIdentifier= kInvalidArgument + 1 InvalidArgumentException: Unknown identifier is provided!
kInsufficientCapacity= kInvalidArgument + 2 InvalidArgumentException: Insufficient capacity of the output buffer!
kInvalidInputSize= kInvalidArgument + 3 InvalidArgumentException: Invalid size of an input buffer!
kIncompatibleArguments= kInvalidArgument + 4 InvalidArgumentException: Provided values of arguments are incompatible!
kInOutBuffersIntersect= kInvalidArgument + 5 InvalidArgumentException: Input and output buffers intersect!
kBelowBoundary= kInvalidArgument + 6 InvalidArgumentException: Provided value is below the lower boundary!
kAboveBoundary= kInvalidArgument + 7 InvalidArgumentException: Provided value is above the upper boundary!
kAuthTagNotValid= kInvalidArgument + 8 AuthTagNotValidException: Provided authentication-tag cannot be verified!
kUnsupported= kInvalidArgument + 1 * kErrorSubSubClass UnsupportedException: Unsupported request (due to limitations of the implementation)!
kInvalidUsageOrder= kLogicFault + 2 * kErrorSubClass InvalidUsageOrderException: Invalid usage order of the interface!
kUninitializedContext= kInvalidUsageOrder + 1 InvalidUsageOrderException: Context of the interface was not initialized!
kProcessingNotStarted= kInvalidUsageOrder + 2 InvalidUsageOrderException: Data processing was not started yet!
kProcessingNotFinished= kInvalidUsageOrder + 3 InvalidUsageOrderException: Data processing was not finished yet!
kRuntimeFault= 3 * kErrorClass RuntimeException: Generic runtime fault!
kUnsupportedFormat= kRuntimeFault + 1 RuntimeException: Unsupported serialization format for this object type!
kBruteForceRisk= kRuntimeFault + 2 RuntimeException: Operation is prohibited due to a risk of a brute force attack!
kContentRestrictions= kRuntimeFault + 3 RuntimeException: The operation violates content restrictions of the target container!
kBadObjectReference= kRuntimeFault + 4 RuntimeException: Incorrect reference between objects!
kContentDuplication= kRuntimeFault + 6 RuntimeException: Provided content already exists in the target storage!
kUnexpectedValue= kRuntimeFault + 1 * kErrorSubClass UnexpectedValueException: Unexpected value of an argument is provided!
kIncompatibleObject= kUnexpectedValue + 1 UnexpectedValueException: The provided object is incompatible with requested operation or its configuration!
kIncompleteArgState= kUnexpectedValue + 2 UnexpectedValueException: Incomplete state of an argument!
kEmptyContainer= kUnexpectedValue + 3 UnexpectedValueException: Specified container is empty!
kMissingArgument= kUnexpectedValue + 4 kMissingArgumentException: Expected argument, but none provided!
kBadObjectType= kUnexpectedValue + 1 * kErrorSubSubClass BadObjectTypeException: Provided object has unexpected type!
kUsageViolation= kRuntimeFault + 2 * kErrorSubClass UsageViolationException: Violation of allowed usage for the object!
kAccessViolation= kRuntimeFault + 3 * kErrorSubClass AccessViolationException: Access rights violation!
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: Enumeration of all Crypto Error Code values that may be reported by ara::crypto.

⌋(RS_CRYPTO_02310)
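
The three reserved multipliers in the CryptoErrc table make every code a packed class / sub-class / sub-sub-class / ordinal value, so an error handler can match a whole family with one mask instead of listing leaf codes. The following added example is not part of the AUTOSAR specification; it decodes the fields and tests family membership, using a subset of the enumerators with the formulas from the table. The 32-bit CodeType stand-in, the function names and the triage policy are assumptions of this example.

```cpp
#include <cstdint>
#include <cstdio>

using CodeType = std::int32_t;  // assumed stand-in for ara::core::ErrorDomain::CodeType

namespace errc {  // subset of CryptoErrc, formulas copied from the table above
constexpr CodeType kErrorClass = 0x1000000;
constexpr CodeType kErrorSubClass = 0x10000;
constexpr CodeType kErrorSubSubClass = 0x100;
constexpr CodeType kResourceFault = 1 * kErrorClass;
constexpr CodeType kBusyResource = kResourceFault + 1;
constexpr CodeType kLogicFault = 2 * kErrorClass;
constexpr CodeType kInvalidArgument = kLogicFault + 1 * kErrorSubClass;
constexpr CodeType kAuthTagNotValid = kInvalidArgument + 8;
constexpr CodeType kUnsupported = kInvalidArgument + 1 * kErrorSubSubClass;
constexpr CodeType kInvalidUsageOrder = kLogicFault + 2 * kErrorSubClass;
constexpr CodeType kRuntimeFault = 3 * kErrorClass;
constexpr CodeType kBruteForceRisk = kRuntimeFault + 2;
constexpr CodeType kUnexpectedValue = kRuntimeFault + 1 * kErrorSubClass;
constexpr CodeType kBadObjectType = kUnexpectedValue + 1 * kErrorSubSubClass;
constexpr CodeType kUsageViolation = kRuntimeFault + 2 * kErrorSubClass;
constexpr CodeType kAccessViolation = kRuntimeFault + 3 * kErrorSubClass;
}  // namespace errc

struct ErrcFields {
    std::uint32_t cls;        // bits 31..24, multiplier kErrorClass
    std::uint32_t subCls;     // bits 23..16, multiplier kErrorSubClass
    std::uint32_t subSubCls;  // bits 15..8,  multiplier kErrorSubSubClass
    std::uint32_t ordinal;    // bits 7..0,   the "+ n" part
};

ErrcFields Decode(CodeType code) noexcept {
    const std::uint32_t u = static_cast<std::uint32_t>(code);
    return ErrcFields{u >> 24, (u >> 16) & 0xFFu, (u >> 8) & 0xFFu, u & 0xFFu};
}

// True if `code` equals `family` or lies below it in the hierarchy. The lowest
// non-zero field of `family` decides how many leading bits must match.
bool IsKindOf(CodeType code, CodeType family) noexcept {
    const std::uint32_t c = static_cast<std::uint32_t>(code);
    const std::uint32_t f = static_cast<std::uint32_t>(family);
    std::uint32_t mask = 0xFF000000u;                   // family is a class
    if ((f & 0x000000FFu) != 0) mask = 0xFFFFFFFFu;      // family is a leaf code
    else if ((f & 0x0000FF00u) != 0) mask = 0xFFFFFF00u; // sub-sub-class
    else if ((f & 0x00FF0000u) != 0) mask = 0xFFFF0000u; // sub-class
    return (c & mask) == f;
}

enum class Action { kRetry, kRejectRequest, kSecurityEvent, kFail };

// Illustrative policy (an assumption of this example, not defined by the spec):
// integrity and authorization failures are logged as security events, resource
// faults are retried, remaining logic faults reject the request.
Action Triage(CodeType code) noexcept {
    if (code == errc::kAuthTagNotValid || code == errc::kBruteForceRisk ||
        IsKindOf(code, errc::kUsageViolation) || IsKindOf(code, errc::kAccessViolation)) {
        return Action::kSecurityEvent;
    }
    if (IsKindOf(code, errc::kResourceFault)) return Action::kRetry;
    if (IsKindOf(code, errc::kLogicFault)) return Action::kRejectRequest;
    return Action::kFail;
}

int main() {
    const ErrcFields f = Decode(errc::kAuthTagNotValid);
    std::printf("kAuthTagNotValid = 0x%08X -> class %u, sub-class %u, sub-sub-class %u, ordinal %u\n",
                static_cast<unsigned>(errc::kAuthTagNotValid),
                static_cast<unsigned>(f.cls), static_cast<unsigned>(f.subCls),
                static_cast<unsigned>(f.subSubCls), static_cast<unsigned>(f.ordinal));
    return 0;
}
```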
[SWS_CRYPT_30001]{DRAFT} ⌈
Kind: struct
Symbol: SecureCounter
Scope: namespace ara::crypto
Syntax: struct ara::crypto::SecureCounter {...};
Header file: #include "ara/crypto/common/entry_point.h"
Description: 128 bit secure counter made up of most significant and least significant quad-word of the
hardware counter.

⌋(RS_CRYPTO_02401)

[SWS_CRYPT_10701]{DRAFT} ⌈
Kind: type alias
Symbol: FormatId
Scope: class ara::crypto::Serializable
Derived from: std::uint32_t
Syntax: using ara::crypto::Serializable::FormatId = std::uint32_t;
Header file: #include "ara/crypto/common/serializable.h"
Description: A container type for the encoding format identifiers.

⌋(RS_CRYPTO_02004, RS_CRYPTO_02302)
[SWS_CRYPT_10019]{DRAFT} ⌈
Kind: enumeration
Symbol: CryptoTransform
Scope: namespace ara::crypto
Underlying type: std::uint32_t
Syntax: enum class CryptoTransform : std::uint32_t {...};
Values: kEncrypt= 1 encryption
kDecrypt= 2 decryption
kMacVerify= 3 MAC verification.
kMacGenerate= 4 MAC generation.
kWrap= 5 key wrapping
kUnwrap= 6 key unwrapping
kSigVerify= 7 signature verification
kSigGenerate= 8 signature generation
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Enumeration of cryptographic transformations.

⌋(RS_CRYPTO_02004)
[SWS_CRYPT_10852]{DRAFT} ⌈
Kind: type alias
Symbol: Uptr
Scope: class ara::crypto::VolatileTrustedContainer
Derived from: std::unique_ptr<VolatileTrustedContainer>
Syntax: using ara::crypto::VolatileTrustedContainer::Uptr = std::unique_ptr<VolatileTrustedContainer>;
Header file: #include "ara/crypto/common/volatile_trusted_container.h"
Description: Unique smart pointer of the interface.

⌋(RS_CRYPTO_02004)

[SWS_CRYPT_10400]{DRAFT} ⌈
Kind: struct
Symbol: Uuid
Scope: namespace ara::crypto
Syntax: struct ara::crypto::Uuid {...};
Header file: #include "ara/crypto/common/uuid.h"
Description: Definition of Universally Unique Identifier (UUID) type. Independently from internal definition
details of this structure, its size must be 16 bytes and entropy of this ID should be close to 128
bit!

⌋(RS_CRYPTO_02005)
[SWS_CRYPT_10801]{DRAFT} ⌈
Kind: type alias
Symbol: Uptr
Scope: class ara::crypto::IOInterface
Derived from: std::unique_ptr<IOInterface>
Syntax: using ara::crypto::IOInterface::Uptr = std::unique_ptr<IOInterface>;
Header file: #include "ara/crypto/common/io_interface.h"
Description: Unique smart pointer of the interface.

⌋(RS_CRYPTO_02109)
[SWS_CRYPT_10802]{DRAFT} ⌈
Kind: type alias
Symbol: Uptrc
Scope: class ara::crypto::IOInterface
Derived from: std::unique_ptr<const IOInterface>
Syntax: using ara::crypto::IOInterface::Uptrc = std::unique_ptr<const IOInterface>;
Header file: #include "ara/crypto/common/io_interface.h"
Description: Unique smart pointer of the constant interface.

⌋(RS_CRYPTO_02109)
[SWS_CRYPT_19903]{DRAFT} ⌈
Kind: type alias
Symbol: Errc
Scope: class ara::crypto::CryptoErrorDomain
Derived from: CryptoErrc
Syntax: using ara::crypto::CryptoErrorDomain::Errc = CryptoErrc;
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: crypto error

⌋(RS_CRYPTO_02310)

[SWS_CRYPT_19904]{DRAFT} ⌈
Kind: type alias
Symbol: Exception
Scope: class ara::crypto::CryptoErrorDomain
Derived from: CryptoException
Syntax: using ara::crypto::CryptoErrorDomain::Exception = CryptoException;
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: Alias for the exception base class.

⌋(RS_CRYPTO_02310)
[SWS_CRYPT_10018]{DRAFT} ⌈
Kind: enumeration
Symbol: KeySlotType
Scope: namespace ara::crypto
Underlying type: std::uint32_t
Syntax: enum class KeySlotType : std::uint32_t {...};
Values: kMachine= 1 machine type key-slot - can be managed by application
kApplication= 2 application exclusive type key-slot
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Enumeration of key-slot types; currently only machine and application key-slots are defined.

⌋(RS_CRYPTO_02004)

8.5 API Reference


[SWS_CRYPT_10800]{DRAFT} ⌈
Kind: class
Symbol: IOInterface
Scope: namespace ara::crypto
Syntax: class ara::crypto::IOInterface {...};
Header file: #include "ara/crypto/common/io_interface.h"
Description: Formal interface of an IOInterface is used for saving and loading of security objects. Actual
saving and loading should be implemented by internal methods known to a trusted pair of
Crypto Provider and Storage Provider. Each object should be uniquely identified by its type and
Crypto Object Unique Identifier (COUID). This interface supposes that objects in the container
are compressed i.e. have a minimal size optimized for.

⌋(RS_CRYPTO_02004)

[SWS_CRYPT_10700]{DRAFT} ⌈
Kind: class
Symbol: Serializable
Scope: namespace ara::crypto
Syntax: class ara::crypto::Serializable {...};
Header file: #include "ara/crypto/common/serializable.h"
Description: Serializable object interface.

⌋(RS_CRYPTO_02105)
[SWS_CRYPT_10850]{DRAFT} ⌈
Kind: class
Symbol: VolatileTrustedContainer
Scope: namespace ara::crypto
Syntax: class ara::crypto::VolatileTrustedContainer {...};
Header file: #include "ara/crypto/common/volatile_trusted_container.h"
Description: This explicit interface of a volatile Trusted Container is used for buffering CryptoAPI objects in
RAM. This class represents a "smart buffer" in that it provides access to the IOInterface, which
can be used for querying meta-data of the buffer content.

⌋(RS_CRYPTO_02004)
[SWS_CRYPT_19905]{DRAFT} ⌈
Kind: class
Symbol: CryptoException
Scope: namespace ara::crypto
Base class: ara::core::Exception
Syntax: class ara::crypto::CryptoException : public ara::core::Exception {...};
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: Exception type thrown for CRYPTO errors.

⌋(RS_CRYPTO_02310)
[SWS_CRYPT_19900]{DRAFT} ⌈
Kind: class
Symbol: CryptoErrorDomain
Scope: namespace ara::crypto
Base class: ara::core::ErrorDomain
Syntax: class ara::crypto::CryptoErrorDomain final : public ara::core::ErrorDomain {...};
Unique ID: 0x8000’0000’0000’0801
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: Crypto Error Domain class that provides interfaces as defined by ara::core::ErrorDomain such
as a name of the Crypto Error Domain or messages for each error code. This class represents
an error domain responsible for all errors that may be reported by public APIs in ara::crypto
namespace.

⌋(RS_AP_00130)
[SWS_CRYPT_19951]{DRAFT} ⌈
Kind: function
Symbol: MakeErrorCode(CryptoErrorDomain::Errc code, ara::core::ErrorDomain::SupportDataType data)
Scope: namespace ara::crypto
Syntax: constexpr ara::core::ErrorCode ara::crypto::MakeErrorCode (CryptoErrorDomain::Errc code, ara::core::ErrorDomain::SupportDataType data) noexcept;
Parameters (in): code an error code identifier from the CryptoErrc enumeration
data supplementary data for the error description
Return value: ara::core::ErrorCode an instance of ErrorCode created according to the arguments
Exception Safety: noexcept
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: Makes Error Code instances from the Crypto Error Domain. The returned ErrorCode instance
always references CryptoErrorDomain.

⌋(RS_CRYPTO_02310)
[SWS_CRYPT_20099]{DRAFT} ⌈
Kind: function
Symbol: LoadCryptoProvider(const ara::core::InstanceSpecifier &iSpecify)
Scope: namespace ara::crypto
Syntax: ara::crypto::cryp::CryptoProvider::Uptr ara::crypto::LoadCryptoProvider (const ara::core::InstanceSpecifier &iSpecify) noexcept;
Parameters (in): iSpecify the globally unique identifier of required Crypto Provider
Return value: ara::crypto::cryp::CryptoProvider::Uptr unique smart pointer to loaded Crypto Provider
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/entry_point.h"
Description: Factory that creates or returns existing single instance of specific Crypto Provider. If (providerUid
== nullptr) then platform default provider should be loaded.

⌋(RS_CRYPTO_02401, RS_CRYPTO_02301)
[SWS_CRYPT_30099]{DRAFT} ⌈
Kind: function
Symbol: LoadKeyStorageProvider()
Scope: namespace ara::crypto
Syntax: ara::crypto::keys::KeyStorageProvider::Uptr ara::crypto::LoadKeyStorageProvider () noexcept;
Return value: ara::crypto::keys::KeyStorageProvider::Uptr unique smart pointer to loaded Key Storage Provider
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kRuntimeFault if the Key Storage Provider instance cannot be created
Header file: #include "ara/crypto/common/entry_point.h"
Description: Factory that creates or returns existing single instance of the Key Storage Provider.

⌋(RS_CRYPTO_02109, RS_CRYPTO_02401, RS_CRYPTO_02301)
[SWS_CRYPT_40099]{DRAFT} ⌈
Kind: function
Symbol: LoadX509Provider()
Scope: namespace ara::crypto
Syntax: ara::crypto::x509::X509Provider::Uptr ara::crypto::LoadX509Provider () noexcept;
Return value: ara::crypto::x509::X509Provider::Uptr unique smart pointer to loaded X.509 Provider
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kRuntimeFault if the X.509 Provider cannot be loaded
Header file: #include "ara/crypto/common/entry_point.h"
Description: Factory that creates or returns existing single instance of the X.509 Provider. X.509 Provider
should use the default Crypto Provider for hashing and signature verification! Therefore when
you load the X.509 Provider, in background it loads the default Crypto Provider too.

⌋(RS_CRYPTO_02306, RS_CRYPTO_02301)
[SWS_CRYPT_30098]{DRAFT} ⌈
Kind: function
Symbol: GenerateRandomData(std::uint32_t count)
Scope: namespace ara::crypto
Syntax: ara::core::Result<ara::core::Vector<ara::core::Byte> > ara::crypto::GenerateRandomData (std::uint32_t count) noexcept;
Parameters (in): count number of random bytes to generate
Return value: ara::core::Result< ara::core::Vector< ara::core::Byte > > a buffer filled with the generated random sequence
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kBusyResource if the used RNG is currently out-of-entropy and therefore cannot provide the requested number of random bytes
Header file: #include "ara/crypto/common/entry_point.h"
Description: Return an allocated buffer with a generated random sequence of the requested size.

⌋(RS_CRYPTO_02206)

[SWS_CRYPT_20098]{DRAFT} ⌈
Kind: function
Symbol: GetSecureCounter()
Scope: namespace ara::crypto
Syntax: ara::core::Result<SecureCounter> ara::crypto::GetSecureCounter () noexcept;
Return value: ara::core::Result< SecureCounter > a SecureCounter struct made up of the two unsigned 64 bit values (LSQW and MSQW)
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kUnsupported if the Secure Counter is unsupported by the Crypto Stack implementation on this Platform
CryptoErrorDomain::kAccessViolation if current Actor has no permission to call this routine
Header file: #include "ara/crypto/common/entry_point.h"
Description: Get the current value of the 128-bit Secure Counter supported by the Crypto Stack. The Secure Counter is
a non-rollover monotonic counter that ensures incrementation of its value for each following
call. The Secure Counter is represented by two 64-bit components: Most Significant Quadword
(MSQW) and Least Significant Quadword (LSQW). During normal operation of the Crypto
Stack, the MSQW value is fixed (unchangeable) and only the LSQW should be incremented. The
LSQW counter can be implemented in the "low-power" (always-powered-up) domain of the
main CPU, and the MSQW in the Flash/EEPROM storage. The MSQW must be incremented
if the LSQW reaches the maximum value of all ones. The MSQW must also be incremented
during reinitialisation of the whole Crypto Stack (e.g. if the "low-power" supply was interrupted
for some reason). Permission to execute this routine is subject to Identity and Access
Management control and may be restricted by the application manifest!

c(RS_CRYPTO_02401)
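The counter rules above, modelled as an added example (not code from the AUTOSAR specification or from any Crypto Stack): the LSQW lives in volatile state, the MSQW in a stand-in for Flash/EEPROM, and the MSQW advances when the LSQW is all ones and on every reinitialisation. The field names mLSQW/mMSQW and the names NvStore, SecureCounterModel, SetLsqwForTest and IsNewer are assumptions of this example.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Added model of the Secure Counter rules in [SWS_CRYPT_20098]; not AUTOSAR code.
// All names below (field names included) are assumptions made for this example.
struct SecureCounter {
    std::uint64_t mLSQW;  // least significant quadword
    std::uint64_t mMSQW;  // most significant quadword
};

constexpr std::uint64_t kAllOnes = std::numeric_limits<std::uint64_t>::max();

// Stands in for the Flash/EEPROM cell that holds the MSQW across power cycles.
struct NvStore {
    std::uint64_t msqw = 0;
};

class SecureCounterModel {
public:
    explicit SecureCounterModel(NvStore& nv) : nv_(nv) { Reinitialise(); }

    // Run at stack start-up and after the always-powered domain lost power.
    // The old LSQW is unknown, so the MSQW moves forward to keep the counter
    // above every value handed out before.
    bool Reinitialise() {
        lsqw_ = 0;
        return BumpMsqw();
    }

    // Returns false once the 128-bit range is used up (non-rollover: no wrap to zero).
    bool Get(SecureCounter& out) {
        if (exhausted_) return false;
        if (lsqw_ == kAllOnes) {  // LSQW is all ones: carry into the MSQW
            if (!BumpMsqw()) return false;
            lsqw_ = 0;
        } else {
            ++lsqw_;
        }
        out = SecureCounter{lsqw_, nv_.msqw};
        return true;
    }

    // Test hook only: place the volatile half near its limit.
    void SetLsqwForTest(std::uint64_t v) { lsqw_ = v; }

private:
    bool BumpMsqw() {
        if (nv_.msqw == kAllOnes) {
            exhausted_ = true;
            return false;
        }
        ++nv_.msqw;  // a real stack would commit this to Flash/EEPROM before use
        return true;
    }

    NvStore& nv_;
    std::uint64_t lsqw_ = 0;
    bool exhausted_ = false;
};

// Strict 128-bit ordering as a caller would apply it: MSQW first, then LSQW.
bool IsNewer(const SecureCounter& a, const SecureCounter& b) {
    return a.mMSQW != b.mMSQW ? a.mMSQW > b.mMSQW : a.mLSQW > b.mLSQW;
}

int main() {
    NvStore nv;
    SecureCounterModel ctr(nv);
    SecureCounter before{}, after{};
    ctr.Get(before);
    ctr.Reinitialise();  // simulated loss of the "low-power" supply
    ctr.Get(after);
    std::printf("before %llu:%llu, after %llu:%llu\n",
                static_cast<unsigned long long>(before.mMSQW),
                static_cast<unsigned long long>(before.mLSQW),
                static_cast<unsigned long long>(after.mMSQW),
                static_cast<unsigned long long>(after.mLSQW));
    return IsNewer(after, before) ? 0 : 1;
}
```

A consumer that uses the counter for freshness or anti-replay should compare both quadwords, as IsNewer does, because the LSQW alone restarts after a reinitialisation.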
[SWS_CRYPT_10112]{DRAFT} d
Kind: function
Symbol: HasEarlierVersionThan(const CryptoObjectUid &anotherId)
Scope: struct ara::crypto::CryptoObjectUid
Syntax: constexpr bool ara::crypto::CryptoObjectUid::HasEarlierVersionThan
(const CryptoObjectUid &anotherId) const noexcept;
Parameters (in): anotherId another identifier for the comparison
Return value: bool true if this identifier was generated earlier than the
anotherId
Exception Safety: noexcept
Thread Safety: Reentrant
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Check whether this identifier was generated earlier than the one provided by the argument.

c(RS_CRYPTO_02006)
[SWS_CRYPT_10113]{DRAFT} d
Kind: function
Symbol: HasLaterVersionThan(const CryptoObjectUid &anotherId)
Scope: struct ara::crypto::CryptoObjectUid
Syntax: constexpr bool ara::crypto::CryptoObjectUid::HasLaterVersionThan
(const CryptoObjectUid &anotherId) const noexcept;
Parameters (in): anotherId another identifier for the comparison
Return value: bool true if this identifier was generated later than the
anotherId
Exception Safety: noexcept
Thread Safety: Reentrant
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Check whether this identifier was generated later than the one provided by the argument.

c(RS_CRYPTO_02006)
[SWS_CRYPT_10111]{DRAFT} d
Kind: function
Symbol: HasSameSourceAs(const CryptoObjectUid &anotherId)
Scope: struct ara::crypto::CryptoObjectUid
Syntax: constexpr bool ara::crypto::CryptoObjectUid::HasSameSourceAs (const
CryptoObjectUid &anotherId) const noexcept;
Parameters (in): anotherId another identifier for the comparison
Return value: bool true if both identifiers have a common source (identical
value of the mGeneratorUid field)
Exception Safety: noexcept
Thread Safety: Reentrant
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Check whether this identifier has a common source with the one provided by the argument.

c(RS_CRYPTO_02006)
[SWS_CRYPT_10114]{DRAFT} d
Kind: function
Symbol: IsNil()
Scope: struct ara::crypto::CryptoObjectUid
Syntax: bool ara::crypto::CryptoObjectUid::IsNil () const noexcept;
Return value: bool true if this identifier is "Nil" and false otherwise
Exception Safety: noexcept
Thread Safety: Reentrant
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Check whether this identifier is "Nil".

c(RS_CRYPTO_02006)
[SWS_CRYPT_10115]{DRAFT} d
Kind: function
Symbol: SourceIsNil()
Scope: struct ara::crypto::CryptoObjectUid
Syntax: bool ara::crypto::CryptoObjectUid::SourceIsNil () const noexcept;
Return value: bool true if this identifier is "Nil" and false otherwise
Exception Safety: noexcept
Thread Safety: Reentrant
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Check whether this object’s generator identifier is "Nil".

c(RS_CRYPTO_02006)
[SWS_CRYPT_10810]{DRAFT} d
Kind: function
Symbol: ~IOInterface()
Scope: class ara::crypto::IOInterface
Syntax: virtual ara::crypto::IOInterface::~IOInterface () noexcept=default;
Exception Safety: noexcept
Header file: #include "ara/crypto/common/io_interface.h"
Description: Destructor.

c(RS_CRYPTO_02004)
[SWS_CRYPT_10819]{DRAFT} d
Kind: function
Symbol: GetAllowedUsage()
Scope: class ara::crypto::IOInterface
Syntax: virtual AllowedUsageFlags ara::crypto::IOInterface::GetAllowedUsage ()
const noexcept=0;
Return value: AllowedUsageFlags allowed key/seed usage flags
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Return actual allowed key/seed usage flags defined by the key slot prototype for this "Actor"
and current content of the container. Volatile containers don’t have any prototyped restrictions,
but can have restrictions defined at run-time for a current instance of object. The value returned
by this method is the bitwise AND of the common usage flags defined at run-time and the usage
flags defined by the UserPermissions prototype for the current "Actor". This method is especially
useful for empty permanent prototyped containers.

c(RS_CRYPTO_02008)
[SWS_CRYPT_10813]{DRAFT} d
Kind: function
Symbol: GetCapacity()
Scope: class ara::crypto::IOInterface
Syntax: virtual std::size_t ara::crypto::IOInterface::GetCapacity () const
noexcept=0;
Return value: std::size_t capacity of the underlying buffer of this IOInterface
(in bytes)
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Return capacity of the underlying resource.

c(RS_CRYPTO_02110)
[SWS_CRYPT_10812]{DRAFT} d
Kind: function
Symbol: GetCryptoObjectType()
Scope: class ara::crypto::IOInterface
Syntax: virtual CryptoObjectType ara::crypto::IOInterface::GetCryptoObjectType
() const noexcept=0;
Return value: CryptoObjectType the CryptoObjectType stored inside the referenced
resource
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Return the CryptoObjectType of the object referenced by this IOInterface.

c(RS_CRYPTO_02110)
[SWS_CRYPT_10811]{DRAFT} d
Kind: function
Symbol: GetObjectId()
Scope: class ara::crypto::IOInterface
Syntax: virtual CryptoObjectUid ara::crypto::IOInterface::GetObjectId () const
noexcept=0;
Return value: CryptoObjectUid type of the content stored in the container
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Return the COUID of an object stored to this IOInterface. If the container is empty then this method
returns CryptoObjectType::kUndefined. Unambiguous identification of a crypto object requires
both components: CryptoObjectUid and CryptoObjectType.

c(RS_CRYPTO_02004)
[SWS_CRYPT_10817]{DRAFT} d
Kind: function
Symbol: GetPayloadSize()
Scope: class ara::crypto::IOInterface
Syntax: virtual std::size_t ara::crypto::IOInterface::GetPayloadSize () const
noexcept=0;
Return value: std::size_t size of an object payload stored in the underlying
buffer of this IOInterface (in bytes)
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Return size of an object payload stored in the underlying buffer of this IOInterface. If the
container is empty then this method returns 0. Returned value does not take into account the
object’s meta-information properties, but their size is fixed and common for all crypto objects
independently from their actual type. space for an object’s meta-information automatically,
according to their implementation details.

c(RS_CRYPTO_02109)
[SWS_CRYPT_10822]{DRAFT} d
Kind: function
Symbol: GetPrimitiveId()
Scope: class ara::crypto::IOInterface
Syntax: virtual CryptoAlgId ara::crypto::IOInterface::GetPrimitiveId () const
noexcept=0;
Return value: CryptoAlgId the binary Crypto Primitive ID
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Get vendor specific ID of the primitive.

c(RS_CRYPTO_02004)
[SWS_CRYPT_10818]{DRAFT} d
Kind: function
Symbol: GetTypeRestriction()
Scope: class ara::crypto::IOInterface
Syntax: virtual CryptoObjectType ara::crypto::IOInterface::GetTypeRestriction
() const noexcept=0;
Return value: CryptoObjectType an object type of allowed content (CryptoObjectType::kUndefined
means without restriction)
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Return content type restriction of this IOInterface. If
KeySlotPrototypeProps::mAllowContentTypeChange==TRUE, then kUndefined shall be returned. If a container has a type restriction
different from CryptoObjectType::kUndefined then only objects of the mentioned type can be
saved to this container. Volatile containers don’t have any content type restrictions.

c(RS_CRYPTO_02004, RS_CRYPTO_02110)
[SWS_CRYPT_10816]{DRAFT} d
Kind: function
Symbol: IsObjectExportable()
Scope: class ara::crypto::IOInterface
Syntax: virtual bool ara::crypto::IOInterface::IsObjectExportable () const
noexcept=0;
Return value: bool true if an object stored to the container has set the
"exportable" attribute
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Return the "exportable" attribute of an object stored to the container. The exportability of an
object does not depend on the volatility of its container.

c(RS_CRYPTO_02109)
[SWS_CRYPT_10815]{DRAFT} d
Kind: function
Symbol: IsObjectSession()
Scope: class ara::crypto::IOInterface
Syntax: virtual bool ara::crypto::IOInterface::IsObjectSession () const
noexcept=0;
Return value: bool true if the object referenced by this IOInterface has
set the "session" attribute
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Return the "session" (or "temporary") attribute of an object as set e.g. by
KeyDerivationFunctionCtx::DeriveKey(). A "session" object can be stored to a VolatileTrustedContainer only!
If this IOInterface is linked to a KeySlot this always returns false.

c(RS_CRYPTO_02109)
[SWS_CRYPT_10814]{DRAFT} d
Kind: function
Symbol: IsVolatile()
Scope: class ara::crypto::IOInterface
Syntax: virtual bool ara::crypto::IOInterface::IsVolatile () const noexcept=0;
Return value: bool true if the container has a volatile nature (i.e.
"temporary" or "in RAM") or false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Return volatility of the underlying buffer of this IOInterface. A "session" object can be stored
to a "volatile" container only. The content of a "volatile" container will be destroyed together with
the interface instance.

c(RS_CRYPTO_02109)

[SWS_CRYPT_10823]{DRAFT} d
Kind: function
Symbol: IsValid()
Scope: class ara::crypto::IOInterface
Syntax: virtual bool ara::crypto::IOInterface::IsValid () const noexcept=0;
Return value: bool true if the underlying resource can be valid, false
otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Get whether the underlying KeySlot is valid. An IOInterface is invalidated if the underlying
resource has been modified after the IOInterface has been opened.

c(RS_CRYPTO_02004)
[SWS_CRYPT_10821]{DRAFT} d
Kind: function
Symbol: IsWritable()
Scope: class ara::crypto::IOInterface
Syntax: virtual bool ara::crypto::IOInterface::IsWritable () const noexcept=0;
Return value: bool true if the underlying resource can be written
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/io_interface.h"
Description: Get whether the underlying KeySlot is writable. If this IOInterface is linked to a
VolatileTrustedContainer, this always returns true.

c(RS_CRYPTO_02004)
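An added example (not AUTOSAR code) of the checks a caller can derive from the IOInterface queries above before saving an object: validity, writability, the session/volatile rule, the type restriction and the usage-flag AND. The structs, ObjType, Verdict and the payload-fits-capacity check are assumptions of this example; the two flag values are the ones this specification assigns to kAllowDataEncryption and kAllowDataDecryption.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Added model, not AUTOSAR code: plain structs stand in for what an IOInterface
// reports. Type and field names are assumptions; the two flag values are the
// ones the specification assigns to kAllowDataEncryption / kAllowDataDecryption.
using UsageFlags = std::uint32_t;
constexpr UsageFlags kEncrypt = 0x0001;
constexpr UsageFlags kDecrypt = 0x0002;

enum class ObjType { kUndefined, kSymmetricKey, kPrivateKey };

struct Container {             // values a caller would read from IOInterface
    bool valid;                // IsValid()
    bool writable;             // IsWritable()
    bool isVolatile;           // IsVolatile()
    std::size_t capacity;      // GetCapacity(), in bytes
    ObjType typeRestriction;   // GetTypeRestriction()
    UsageFlags runtimeUsage;   // usage flags defined at run-time
    UsageFlags prototypeUsage; // UserPermissions prototype for the current Actor
};

struct Object {
    ObjType type;
    std::size_t payloadSize;   // in bytes, without meta-information
    bool session;              // the "session" attribute
};

enum class Verdict {
    kOk, kStaleInterface, kReadOnly, kSessionNeedsVolatile, kTypeRestricted, kTooLarge
};

// Decide whether object o may be saved into container c, most basic check first.
Verdict CheckStore(const Container& c, const Object& o) {
    if (!c.valid) return Verdict::kStaleInterface;  // resource modified since open
    // An IOInterface linked to a volatile container is always writable.
    if (!c.isVolatile && !c.writable) return Verdict::kReadOnly;
    // A "session" object can be stored to a volatile container only.
    if (o.session && !c.isVolatile) return Verdict::kSessionNeedsVolatile;
    // kUndefined means "no restriction"; volatile containers never have one.
    if (!c.isVolatile && c.typeRestriction != ObjType::kUndefined &&
        c.typeRestriction != o.type) {
        return Verdict::kTypeRestricted;
    }
    // Assumption of this example: the payload has to fit the reported capacity.
    if (o.payloadSize > c.capacity) return Verdict::kTooLarge;
    return Verdict::kOk;
}

// GetAllowedUsage() rule: run-time flags AND prototype flags. Volatile
// containers carry no prototyped restriction, only run-time ones.
UsageFlags EffectiveUsage(const Container& c) {
    return c.isVolatile ? c.runtimeUsage : (c.runtimeUsage & c.prototypeUsage);
}

int main() {
    // Constructed sample: a permanent slot restricted to symmetric keys.
    Container slot{true, true, false, 32, ObjType::kSymmetricKey,
                   kEncrypt | kDecrypt, kDecrypt};
    Object sessionKey{ObjType::kSymmetricKey, 32, true};
    std::printf("verdict=%d usage=0x%04x\n",
                static_cast<int>(CheckStore(slot, sessionKey)),
                static_cast<unsigned>(EffectiveUsage(slot)));
    return 0;
}
```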
[SWS_CRYPT_30202]{DRAFT} d
Kind: function
Symbol: operator=(const IOInterface &other)
Scope: class ara::crypto::IOInterface
Syntax: IOInterface& ara::crypto::IOInterface::operator= (const IOInterface
&other)=default;
Parameters (in): other the other instance
Return value: IOInterface & *this, containing the contents of other
Header file: #include "ara/crypto/common/io_interface.h"
Description: Copy-assign another IOInterface to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_30203]{DRAFT} d
Kind: function
Symbol: operator=(IOInterface &&other)
Scope: class ara::crypto::IOInterface
Syntax: IOInterface& ara::crypto::IOInterface::operator= (IOInterface
&&other)=default;
Parameters (in): other the other instance
Return value: IOInterface & *this, containing the contents of other
Header file: #include "ara/crypto/common/io_interface.h"
Description: Move-assign another IOInterface to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_10150]{DRAFT} d
Kind: function
Symbol: operator==(const CryptoObjectUid &lhs, const CryptoObjectUid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator== (const CryptoObjectUid &lhs,
const CryptoObjectUid &rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if all members’ values of lhs are equal to rhs, and
false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Comparison operator "equal" for CryptoObjectUid operands.

c(RS_CRYPTO_02005)
[SWS_CRYPT_10151]{DRAFT} d
Kind: function
Symbol: operator<(const CryptoObjectUid &lhs, const CryptoObjectUid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator< (const CryptoObjectUid &lhs,
const CryptoObjectUid &rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is less than rhs,
and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Comparison operator "less than" for CryptoObjectUid operands.

c(RS_CRYPTO_02005)

[SWS_CRYPT_10152]{DRAFT} d
Kind: function
Symbol: operator>(const CryptoObjectUid &lhs, const CryptoObjectUid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator> (const CryptoObjectUid &lhs,
const CryptoObjectUid &rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is greater than
rhs, and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Comparison operator "greater than" for CryptoObjectUid operands.

c(RS_CRYPTO_02005)
[SWS_CRYPT_10153]{DRAFT} d
Kind: function
Symbol: operator!=(const CryptoObjectUid &lhs, const CryptoObjectUid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator!= (const CryptoObjectUid &lhs,
const CryptoObjectUid &rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if at least one member of lhs has a value not
equal to the corresponding member of rhs, and false
otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Comparison operator "not equal" for CryptoObjectUid operands.

c(RS_CRYPTO_02005)
[SWS_CRYPT_10154]{DRAFT} d
Kind: function
Symbol: operator<=(const CryptoObjectUid &lhs, const CryptoObjectUid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator<= (const CryptoObjectUid &lhs,
const CryptoObjectUid &rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is less than or
equal to rhs, and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Comparison operator "less than or equal" for CryptoObjectUid operands.

c(RS_CRYPTO_02005)
[SWS_CRYPT_10155]{DRAFT} d
Kind: function
Symbol: operator>=(const CryptoObjectUid &lhs, const CryptoObjectUid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator>= (const CryptoObjectUid &lhs,
const CryptoObjectUid &rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is greater than
or equal to rhs, and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Comparison operator "greater than or equal" for CryptoObjectUid operands.

c(RS_CRYPTO_02005)
[SWS_CRYPT_10451]{DRAFT} d
Kind: function
Symbol: operator==(const Uuid &lhs, const Uuid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator== (const Uuid &lhs, const Uuid
&rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is equal to rhs,
and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/uuid.h"
Description: Comparison operator "equal" for Uuid operands.

c(RS_CRYPTO_02112)
[SWS_CRYPT_10452]{DRAFT} d
Kind: function
Symbol: operator<(const Uuid &lhs, const Uuid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator< (const Uuid &lhs, const Uuid
&rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is less than rhs,
and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/uuid.h"
Description: Comparison operator "less than" for Uuid operands.

c(RS_CRYPTO_02112)
[SWS_CRYPT_10453]{DRAFT} d
Kind: function
Symbol: operator>(const Uuid &lhs, const Uuid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator> (const Uuid &lhs, const Uuid
&rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is greater than
rhs, and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/uuid.h"
Description: Comparison operator "greater than" for Uuid operands.

c(RS_CRYPTO_02112)
[SWS_CRYPT_10454]{DRAFT} d
Kind: function
Symbol: operator!=(const Uuid &lhs, const Uuid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator!= (const Uuid &lhs, const Uuid
&rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is not equal to
rhs, and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/uuid.h"
Description: Comparison operator "not equal" for Uuid operands.

c(RS_CRYPTO_02112)

[SWS_CRYPT_10455]{DRAFT} d
Kind: function
Symbol: operator<=(const Uuid &lhs, const Uuid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator<= (const Uuid &lhs, const Uuid
&rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is less than or
equal to rhs, and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/uuid.h"
Description: Comparison operator "less than or equal" for Uuid operands.

c(RS_CRYPTO_02112)
[SWS_CRYPT_10456]{DRAFT} d
Kind: function
Symbol: operator>=(const Uuid &lhs, const Uuid &rhs)
Scope: namespace ara::crypto
Syntax: constexpr bool ara::crypto::operator>= (const Uuid &lhs, const Uuid
&rhs) noexcept;
Parameters (in): lhs left-hand side operand
rhs right-hand side operand
Return value: bool true if a binary representation of lhs is greater than
or equal to rhs, and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/uuid.h"
Description: Comparison operator "greater than or equal" for Uuid operands.

c(RS_CRYPTO_02112)
[SWS_CRYPT_19954]{DRAFT} d
Kind: function
Symbol: ThrowAsException(const ara::core::ErrorCode &errorCode)
Scope: class ara::crypto::CryptoErrorDomain
Syntax: void ara::crypto::CryptoErrorDomain::ThrowAsException (const
ara::core::ErrorCode &errorCode) const override;
Parameters (in): errorCode an error code identifier from the CryptoErrc
enumeration
Return value: None
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: Throws an exception for the error code.

c(RS_CRYPTO_02310)

[SWS_CRYPT_19902]{DRAFT} d
Kind: function
Symbol: CryptoErrorDomain()
Scope: class ara::crypto::CryptoErrorDomain
Syntax: constexpr ara::crypto::CryptoErrorDomain::CryptoErrorDomain ()
noexcept;
Exception Safety: noexcept
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: Constructor of the CryptoErrorDomain.

c(RS_CRYPTO_02310)
[SWS_CRYPT_19950]{DRAFT} d
Kind: function
Symbol: Name()
Scope: class ara::crypto::CryptoErrorDomain
Syntax: const char* ara::crypto::CryptoErrorDomain::Name () const noexcept
override;
Return value: const char * "Crypto" text
Exception Safety: noexcept
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: Returns the text "Crypto".

c(RS_CRYPTO_02310)
[SWS_CRYPT_19953]{DRAFT} d
Kind: function
Symbol: Message(ara::core::ErrorDomain::CodeType errorCode)
Scope: class ara::crypto::CryptoErrorDomain
Syntax: const char* ara::crypto::CryptoErrorDomain::Message
(ara::core::ErrorDomain::CodeType errorCode) const noexcept override;
Parameters (in): errorCode an error code identifier from the CryptoErrc
enumeration
Return value: const char * message text of error code
Exception Safety: noexcept
Header file: #include "ara/crypto/common/crypto_error_domain.h"
Description: Translate an error code value into a text message.

c(RS_CRYPTO_02310)
[SWS_CRYPT_10710]{DRAFT} d
Kind: function
Symbol: ~Serializable()
Scope: class ara::crypto::Serializable
Syntax: virtual ara::crypto::Serializable::~Serializable () noexcept=default;
Exception Safety: noexcept
Header file: #include "ara/crypto/common/serializable.h"
Description: Destructor.

c(RS_CRYPTO_02004, RS_CRYPTO_02302)
[SWS_CRYPT_10711]{DRAFT} d
Kind: function
Symbol: ExportPublicly(FormatId formatId=kFormatDefault)
Scope: class ara::crypto::Serializable
Syntax: virtual ara::core::Result<ara::core::Vector<ara::core::Byte> >
ara::crypto::Serializable::ExportPublicly (FormatId formatId=kFormatDefault) const noexcept=0;
Parameters (in): formatId the Crypto Provider specific identifier of the output format
Return value: ara::core::Result< ara::core::Vector< ara::core::Byte > > a buffer with the serialized object
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInsufficientCapacity if (output.empty() == false), but its capacity is less than required
CryptoErrorDomain::kUnknownIdentifier if an unknown format ID was specified
CryptoErrorDomain::kUnsupportedFormat if the specified format ID is not supported for this object type
Header file: #include "ara/crypto/common/serializable.h"
Description: Serialize itself publicly.

c(RS_CRYPTO_02112)
[SWS_CRYPT_10712]{DRAFT} d
Kind: function
Symbol: ExportPublicly(FormatId formatId=kFormatDefault)
Scope: class ara::crypto::Serializable
Syntax: template <typename Alloc = <implementation-defined>>
ara::core::Result<ByteVector<Alloc> >
ara::crypto::Serializable::ExportPublicly (FormatId formatId=kFormatDefault) const noexcept;
Template param: Alloc custom allocator type of the output container
Parameters (in): formatId the Crypto Provider specific identifier of the output format
Return value: ara::core::Result< ByteVector< Alloc > > pre-reserved managed container for the serialization output
Exception Safety: noexcept
Thread Safety: Thread-safe
Errors: CryptoErrorDomain::kInsufficientCapacity if capacity of the output buffer is less than required
CryptoErrorDomain::kUnknownIdentifier if an unknown format ID was specified
CryptoErrorDomain::kUnsupportedFormat if the specified format ID is not supported for this object type
Header file: #include "ara/crypto/common/serializable.h"
Description: Serialize itself publicly. This method sets the size of the output container according to the actually
saved value!

c(RS_CRYPTO_02112)
[SWS_CRYPT_30204]{DRAFT} d
Kind: function
Symbol: operator=(const Serializable &other)
Scope: class ara::crypto::Serializable
Syntax: Serializable& ara::crypto::Serializable::operator= (const Serializable
&other)=default;
Parameters (in): other the other instance
Return value: Serializable & *this, containing the contents of other
Header file: #include "ara/crypto/common/serializable.h"
Description: Copy-assign another Serializable to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_30205]{DRAFT} d
Kind: function
Symbol: operator=(Serializable &&other)
Scope: class ara::crypto::Serializable
Syntax: Serializable& ara::crypto::Serializable::operator= (Serializable
&&other)=default;
Parameters (in): other the other instance
Return value: Serializable & *this, containing the contents of other
Header file: #include "ara/crypto/common/serializable.h"
Description: Move-assign another Serializable to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_10851]{DRAFT} d
Kind: function
Symbol: ~VolatileTrustedContainer()
Scope: class ara::crypto::VolatileTrustedContainer
Syntax: virtual ara::crypto::VolatileTrustedContainer::~VolatileTrustedContainer () noexcept=default;
Exception Safety: noexcept
Header file: #include "ara/crypto/common/volatile_trusted_container.h"
Description: Destructor.

c(RS_CRYPTO_02004)

[SWS_CRYPT_10853]{DRAFT} d
Kind: function
Symbol: GetIOInterface()
Scope: class ara::crypto::VolatileTrustedContainer
Syntax: virtual IOInterface& ara::crypto::VolatileTrustedContainer::GetIOInterface () const noexcept=0;
Return value: IOInterface & a reference to the IOInterface of this container
Exception Safety: noexcept
Header file: #include "ara/crypto/common/volatile_trusted_container.h"
Description: Retrieve the IOInterface used for importing/exporting objects into this container.

c(RS_CRYPTO_02004)
[SWS_CRYPT_30206]{DRAFT} d
Kind: function
Symbol: operator=(const VolatileTrustedContainer &other)
Scope: class ara::crypto::VolatileTrustedContainer
Syntax: VolatileTrustedContainer& ara::crypto::VolatileTrustedContainer::operator=
(const VolatileTrustedContainer &other)=default;
Parameters (in): other the other instance
Return value: VolatileTrustedContainer & *this, containing the contents of other
Header file: #include "ara/crypto/common/volatile_trusted_container.h"
Description: Copy-assign another VolatileTrustedContainer to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_30207]{DRAFT} d
Kind: function
Symbol: operator=(VolatileTrustedContainer &&other)
Scope: class ara::crypto::VolatileTrustedContainer
Syntax: VolatileTrustedContainer& ara::crypto::VolatileTrustedContainer::operator=
(VolatileTrustedContainer &&other)=default;
Parameters (in): other the other instance
Return value: VolatileTrustedContainer & *this, containing the contents of other
Header file: #include "ara/crypto/common/volatile_trusted_container.h"
Description: Move-assign another VolatileTrustedContainer to this instance.

c(RS_CRYPTO_02004)
[SWS_CRYPT_10411]{DRAFT} d
Kind: function
Symbol: IsNil()
Scope: struct ara::crypto::Uuid
Syntax: bool ara::crypto::Uuid::IsNil () const noexcept;
Return value: bool true if this identifier is "Nil" and false otherwise
Exception Safety: noexcept
Thread Safety: Thread-safe
Header file: #include "ara/crypto/common/uuid.h"
Description: Check whether this identifier is the "Nil UUID" (according to RFC4122).

c(RS_CRYPTO_02005)
[SWS_CRYPT_13000]{DRAFT} d
Kind: variable
Symbol: kAlgIdUndefined
Scope: namespace ara::crypto
Type: const CryptoAlgId
Syntax: const CryptoAlgId ara::crypto::kAlgIdUndefined = 0u;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Algorithm ID is undefined. This value may also be used with the meanings: Any or Default algorithm,
None of algorithms.
Effective values of Crypto Algorithm IDs are specific to a concrete Crypto Stack implementation.
But the zero value is reserved for special purposes, which can differ depending on the usage
context. This group defines a few constant names for the single zero value, but semantically
they have different meanings specific to the concrete application of the constant.

c(RS_CRYPTO_02107)
[SWS_CRYPT_13001]{DRAFT} d
Kind: variable
Symbol: kAlgIdAny
Scope: namespace ara::crypto
Type: const CryptoAlgId
Syntax: const CryptoAlgId ara::crypto::kAlgIdAny = kAlgIdUndefined;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Any Algorithm ID is allowed.

c(RS_CRYPTO_02107)
[SWS_CRYPT_13002]{DRAFT} d
Kind: variable
Symbol: kAlgIdDefault
Scope: namespace ara::crypto
Type: const CryptoAlgId
Syntax: const CryptoAlgId ara::crypto::kAlgIdDefault = kAlgIdUndefined;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Default Algorithm ID (in current context/primitive).

c(RS_CRYPTO_02107)

[SWS_CRYPT_13003]{DRAFT} d
Kind: variable
Symbol: kAlgIdNone
Scope: namespace ara::crypto
Type: const CryptoAlgId
Syntax: const CryptoAlgId ara::crypto::kAlgIdNone = kAlgIdUndefined;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: None of Algorithm ID (i.e. an algorithm definition is not applicable).

c(RS_CRYPTO_02107)
[SWS_CRYPT_13102]{DRAFT} d
Kind: variable
Symbol: kAllowDataDecryption
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDataDecryption = 0x0002;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The key/seed can be used for data decryption initialization (applicable to symmetric and
asymmetric algorithms).

c(RS_CRYPTO_02111)
[SWS_CRYPT_13101]{DRAFT} d
Kind: variable
Symbol: kAllowDataEncryption
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDataEncryption = 0x0001;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The key/seed can be used for data encryption initialization (applicable to symmetric and
asymmetric algorithms).

c(RS_CRYPTO_02111)
[SWS_CRYPT_13113]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedDataDecryption
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedDataDecryption = kAllowDataDecryption << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A derived seed or symmetric key can be used for data decryption.

c(RS_CRYPTO_02111)

[SWS_CRYPT_13112]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedDataEncryption
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedDataEncryption = kAllowDataEncryption << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A derived seed or symmetric key can be used for data encryption.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13117]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedRngInit
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedRngInit = kAllowRngInit << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A derived seed or symmetric key can be used for seeding of a RandomGeneratorContext.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13121]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedExactModeOnly
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedExactModeOnly = kAllowExactModeOnly << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Restrict usage of derived objects to specified operation mode only. A derived seed or
symmetric key can be used only for the mode directly specified by Key::AlgId.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13118]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedKdfMaterial
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedKdfMaterial = kAllowKdfMaterial << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A derived seed or symmetric key can be used as a RestrictedUseObject for slave-keys
derivation via a Key Derivation Function (KDF).

c(RS_CRYPTO_02111)

[SWS_CRYPT_13122]{DRAFT} d
Kind: variable
Symbol: kAllowKdfMaterialAnyUsage
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowKdfMaterialAnyUsage =
kAllowKdfMaterial | kAllowDerivedDataEncryption | kAllowDerivedDataDecryption |
kAllowDerivedSignature | kAllowDerivedVerification | kAllowDerivedKeyDiversify |
kAllowDerivedRngInit | kAllowDerivedKdfMaterial | kAllowDerivedKeyExporting |
kAllowDerivedKeyImporting;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: Allow usage of the object as a key material for KDF and any usage of derived objects. The
seed or symmetric key can be used as a RestrictedUseObject for a Key Derivation Function
(KDF) and the derived "slave" keys can be used without limitations.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13116]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedKeyDiversify
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedKeyDiversify = kAllowKeyDiversify << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A derived seed or symmetric key can be used for slave-keys diversification.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13119]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedKeyExporting
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedKeyExporting = kAllowKeyExporting << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A derived seed or symmetric key can be used as a "transport" one for Key-Wrap transformation.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13120]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedKeyImporting
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedKeyImporting = kAllowKeyImporting << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A derived seed or symmetric key can be used as a "transport" one for Key-Unwrap
transformation.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13114]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedSignature
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedSignature = kAllowSignature << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A derived seed or symmetric key can be used for MAC/HMAC production.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13115]{DRAFT} d
Kind: variable
Symbol: kAllowDerivedVerification
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowDerivedVerification = kAllowVerification << 16;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: A derived seed or symmetric key can be used for MAC/HMAC verification.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13111]{DRAFT} d
Kind: variable
Symbol: kAllowExactModeOnly
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowExactModeOnly = 0x8000;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The key can be used only for the mode directly specified by Key::AlgId.

c(RS_CRYPTO_02111)

[SWS_CRYPT_13108]{DRAFT} d
Kind: variable
Symbol: kAllowKdfMaterial
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowKdfMaterial = 0x0080;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The object can be used as an input key material to KDF. The seed or symmetric key can be
used as a RestrictedUseObject for slave-keys derivation via a Key Derivation Function (KDF).

c(RS_CRYPTO_02111)
[SWS_CRYPT_13105]{DRAFT} d
Kind: variable
Symbol: kAllowKeyAgreement
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowKeyAgreement = 0x0010;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The seed or asymmetric key can be used for key-agreement protocol execution.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13106]{DRAFT} d
Kind: variable
Symbol: kAllowKeyDiversify
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowKeyDiversify = 0x0020;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The seed or symmetric key can be used for slave-keys diversification.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13109]{DRAFT} d
Kind: variable
Symbol: kAllowKeyExporting
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowKeyExporting = 0x0100;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The key can be used as "transport" one for Key-Wrap or Encapsulate transformations
(applicable to symmetric and asymmetric keys).

c(RS_CRYPTO_02111)

[SWS_CRYPT_13110]{DRAFT} d
Kind: variable
Symbol: kAllowKeyImporting
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowKeyImporting = 0x0200;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The key can be used as "transport" one for Key-Unwrap or Decapsulate transformations
(applicable to symmetric and asymmetric keys).

c(RS_CRYPTO_02111)
[SWS_CRYPT_13100]{DRAFT} d
Kind: variable
Symbol: kAllowPrototypedOnly
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowPrototypedOnly = 0;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: This group contains a list of constant 1-bit values predefined for Allowed Usage flags.
The key/seed usage will be fully specified by a key slot prototype (the object can be used only
after reloading from the slot).

c(RS_CRYPTO_02111)
[SWS_CRYPT_13107]{DRAFT} d
Kind: variable
Symbol: kAllowRngInit
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowRngInit = 0x0040;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The seed or symmetric key can be used for seeding of a RandomGeneratorCtx.

c(RS_CRYPTO_02111)
[SWS_CRYPT_13103]{DRAFT} d
Kind: variable
Symbol: kAllowSignature
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowSignature = 0x0004;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The key/seed can be used for digital signature or MAC/HMAC production (applicable to
symmetric and asymmetric algorithms).

c(RS_CRYPTO_02111)

[SWS_CRYPT_13104]{DRAFT} d
Kind: variable
Symbol: kAllowVerification
Scope: namespace ara::crypto
Type: const AllowedUsageFlags
Syntax: const AllowedUsageFlags ara::crypto::kAllowVerification = 0x0008;
Header file: #include "ara/crypto/common/base_id_types.h"
Description: The key/seed can be used for digital signature or MAC/HMAC verification (applicable to
symmetric and asymmetric algorithms).

c(RS_CRYPTO_02111)
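
The kAllowDerived* constants above are the base flags shifted left by 16, so the upper half of a master key's flag word describes what objects derived from it may do. The following is an added example, not code from the AUTOSAR specification or any Crypto Stack: it mirrors the listed values in a local `example` namespace, assumes `AllowedUsageFlags` is a 32-bit unsigned integer, and uses hypothetical helpers (`DerivedUsageCeiling`, `CheckDerivedUsage`, `Verdict`) to check a requested derived-key usage. Treating the exact-mode bit as a restriction rather than a permission is this example's reading of the descriptions.

```cpp
// Added example: local mirror of the constants listed above.
// This is NOT ara/crypto/common/base_id_types.h.
#include <cstdint>
#include <cstdio>

namespace example {

// Assumption: AllowedUsageFlags is a 32-bit unsigned integer, so the
// "<< 16" constants occupy the upper half of the word.
using AllowedUsageFlags = std::uint32_t;

// Usage of the object itself (lower 16 bits), values as listed above.
constexpr AllowedUsageFlags kAllowPrototypedOnly = 0;
constexpr AllowedUsageFlags kAllowDataEncryption = 0x0001;
constexpr AllowedUsageFlags kAllowDataDecryption = 0x0002;
constexpr AllowedUsageFlags kAllowSignature      = 0x0004;
constexpr AllowedUsageFlags kAllowVerification   = 0x0008;
constexpr AllowedUsageFlags kAllowKeyAgreement   = 0x0010;
constexpr AllowedUsageFlags kAllowKeyDiversify   = 0x0020;
constexpr AllowedUsageFlags kAllowRngInit        = 0x0040;
constexpr AllowedUsageFlags kAllowKdfMaterial    = 0x0080;
constexpr AllowedUsageFlags kAllowKeyExporting   = 0x0100;
constexpr AllowedUsageFlags kAllowKeyImporting   = 0x0200;
constexpr AllowedUsageFlags kAllowExactModeOnly  = 0x8000;

// Usage of objects derived from this one (upper 16 bits).
constexpr AllowedUsageFlags kAllowDerivedDataEncryption = kAllowDataEncryption << 16;
constexpr AllowedUsageFlags kAllowDerivedDataDecryption = kAllowDataDecryption << 16;
constexpr AllowedUsageFlags kAllowDerivedSignature      = kAllowSignature << 16;
constexpr AllowedUsageFlags kAllowDerivedVerification   = kAllowVerification << 16;
constexpr AllowedUsageFlags kAllowDerivedKeyDiversify   = kAllowKeyDiversify << 16;
constexpr AllowedUsageFlags kAllowDerivedRngInit        = kAllowRngInit << 16;
constexpr AllowedUsageFlags kAllowDerivedKdfMaterial    = kAllowKdfMaterial << 16;
constexpr AllowedUsageFlags kAllowDerivedKeyExporting   = kAllowKeyExporting << 16;
constexpr AllowedUsageFlags kAllowDerivedKeyImporting   = kAllowKeyImporting << 16;
constexpr AllowedUsageFlags kAllowDerivedExactModeOnly  = kAllowExactModeOnly << 16;

constexpr AllowedUsageFlags kAllowKdfMaterialAnyUsage =
    kAllowKdfMaterial | kAllowDerivedDataEncryption | kAllowDerivedDataDecryption |
    kAllowDerivedSignature | kAllowDerivedVerification | kAllowDerivedKeyDiversify |
    kAllowDerivedRngInit | kAllowDerivedKdfMaterial | kAllowDerivedKeyExporting |
    kAllowDerivedKeyImporting;

constexpr AllowedUsageFlags kLowerHalf = 0xFFFF;

// Hypothetical helper: the most a derived object may be allowed to do,
// expressed in base-flag positions (upper half moved down).
constexpr AllowedUsageFlags DerivedUsageCeiling(AllowedUsageFlags master) {
    return (master >> 16) & kLowerHalf;
}

enum class Verdict {
    kOk,
    kNotKdfMaterial,     // master lacks kAllowKdfMaterial
    kOutOfScope,         // request carries kAllowDerived* bits (second generation)
    kExceedsCeiling,     // request asks for a usage the master does not pass on
    kExactModeRequired   // master demands kAllowExactModeOnly on derived objects
};

// Hypothetical policy check for a first-generation derived key.
inline Verdict CheckDerivedUsage(AllowedUsageFlags master, AllowedUsageFlags requested) {
    if ((master & kAllowKdfMaterial) == 0) return Verdict::kNotKdfMaterial;
    if ((requested & ~kLowerHalf) != 0) return Verdict::kOutOfScope;

    const AllowedUsageFlags ceiling = DerivedUsageCeiling(master);
    // kAllowExactModeOnly narrows usage, so a derived key may always add it
    // and must carry it when the master sets kAllowDerivedExactModeOnly.
    const AllowedUsageFlags wanted  = requested & ~kAllowExactModeOnly;
    const AllowedUsageFlags granted = ceiling & ~kAllowExactModeOnly;
    if ((wanted & ~granted) != 0) return Verdict::kExceedsCeiling;
    if ((ceiling & kAllowExactModeOnly) != 0 && (requested & kAllowExactModeOnly) == 0)
        return Verdict::kExactModeRequired;
    return Verdict::kOk;
}

}  // namespace example

int main() {
    using namespace example;
    // Constructed sample: a master key that may only yield MAC keys.
    const AllowedUsageFlags master =
        kAllowKdfMaterial | kAllowDerivedSignature | kAllowDerivedVerification;
    std::printf("ceiling=0x%04X mac=%d enc=%d\n",
                static_cast<unsigned>(DerivedUsageCeiling(master)),
                static_cast<int>(CheckDerivedUsage(master, kAllowSignature)),
                static_cast<int>(CheckDerivedUsage(master, kAllowDataEncryption)));
    return 0;
}
```

With the values listed above, kAllowKdfMaterialAnyUsage contains no derived counterpart of kAllowKeyAgreement or kAllowExactModeOnly, so this check rejects a derived key that requests key agreement even under "any usage".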
[SWS_CRYPT_10102]{DRAFT} d
Kind: variable
Symbol: mVersionStamp
Scope: struct ara::crypto::CryptoObjectUid
Type: std::uint64_t
Syntax: std::uint64_t ara::crypto::CryptoObjectUid::mVersionStamp = 0u;
Header file: #include "ara/crypto/common/crypto_object_uid.h"
Description: Sequential value of a steady timer or simple counter, representing the version of the
corresponding Crypto Object.

c(RS_CRYPTO_02006)
[SWS_CRYPT_30002]{DRAFT} d
Kind: variable
Symbol: mLSQW
Scope: struct ara::crypto::SecureCounter
Type: std::uint64_t
Syntax: std::uint64_t ara::crypto::SecureCounter::mLSQW;
Header file: #include "ara/crypto/common/entry_point.h"
Description: least significant 64 bits

c(RS_CRYPTO_02401)
[SWS_CRYPT_30003]{DRAFT} d
Kind: variable
Symbol: mMSQW
Scope: struct ara::crypto::SecureCounter
Type: std::uint64_t
Syntax: std::uint64_t ara::crypto::SecureCounter::mMSQW;
Header file: #include "ara/crypto/common/entry_point.h"
Description: most significant 64 bits

c(RS_CRYPTO_02401)

[SWS_CRYPT_10750]{DRAFT} d
Kind: variable
Symbol: kFormatDefault
Scope: class ara::crypto::Serializable
Type: const FormatId
Syntax: static const FormatId ara::crypto::Serializable::kFormatDefault = 0;
Header file: #include "ara/crypto/common/serializable.h"
Description: Default serialization format.

c(RS_CRYPTO_02004, RS_CRYPTO_02302)
[SWS_CRYPT_10752]{DRAFT} d
Kind: variable
Symbol: kFormatDerEncoded
Scope: class ara::crypto::Serializable
Type: const FormatId
Syntax: static const FormatId ara::crypto::Serializable::kFormatDerEncoded = 2;
Header file: #include "ara/crypto/common/serializable.h"
Description: Export DER-encoded value of an object.

c(RS_CRYPTO_02004, RS_CRYPTO_02302)
[SWS_CRYPT_10753]{DRAFT} d
Kind: variable
Symbol: kFormatPemEncoded
Scope: class ara::crypto::Serializable
Type: const FormatId
Syntax: static const FormatId ara::crypto::Serializable::kFormatPemEncoded = 3;
Header file: #include "ara/crypto/common/serializable.h"
Description: Export PEM-encoded value of an object.

c(RS_CRYPTO_02004, RS_CRYPTO_02302)
[SWS_CRYPT_10751]{DRAFT} d
Kind: variable
Symbol: kFormatRawValueOnly
Scope: class ara::crypto::Serializable
Type: const FormatId
Syntax: static const FormatId ara::crypto::Serializable::kFormatRawValueOnly = 1;
Header file: #include "ara/crypto/common/serializable.h"
Description: Export only raw value of an object.

c(RS_CRYPTO_02004, RS_CRYPTO_02302)

[SWS_CRYPT_10412]{DRAFT} d
Kind: variable
Symbol: mQwordLs
Scope: struct ara::crypto::Uuid
Type: std::uint64_t
Syntax: std::uint64_t ara::crypto::Uuid::mQwordLs = 0u;
Header file: #include "ara/crypto/common/uuid.h"
Description: Less significant QWORD.

c(RS_CRYPTO_02005)
[SWS_CRYPT_10413]{DRAFT} d
Kind: variable
Symbol: mQwordMs
Scope: struct ara::crypto::Uuid
Type: std::uint64_t
Syntax: std::uint64_t ara::crypto::Uuid::mQwordMs = 0u;
Header file: #include "ara/crypto/common/uuid.h"
Description: Most significant QWORD.

c(RS_CRYPTO_02005)

9 Service Interfaces
No content defined.

9.1 Type definitions


No types are defined for service interfaces.

9.2 Provided Service Interfaces


No service interfaces are provided.

9.3 Required Service Interfaces


No service interfaces are required.

9.4 Application Errors


No application errors are defined.

A Mentioned Manifest Elements


For the sake of completeness, this chapter contains a set of class tables representing
meta-classes mentioned in the context of this document but which are not contained
directly in the scope of describing specific meta-model semantics.
Chapter is generated.
Class AdaptiveApplicationSwComponentType
Package M2::AUTOSARTemplates::AdaptivePlatform::ApplicationDesign::ApplicationStructure
Note This meta-class represents the ability to support the formal modeling of application software on the
AUTOSAR adaptive platform. Consequently, it shall only be used on the AUTOSAR adaptive platform.
Tags: atp.recommendedPackage=AdaptiveApplicationSwComponentTypes
Base ARElement, ARObject, AtpBlueprint, AtpBlueprintable, AtpClassifier, AtpType, CollectableElement,
Identifiable, MultilanguageReferrable, PackageableElement, Referrable, SwComponentType
Aggregated by ARPackage.element

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| internalBehavior | AdaptiveSwcInternalBehavior | 0..1 | aggr | This aggregation represents the internal behavior of the AdaptiveApplicationSwComponentType for the AUTOSAR adaptive platform. Stereotypes: atpSplitable; atpVariation. Tags: atp.Splitkey=internalBehavior.shortName, internalBehavior.variationPoint.shortLabel; vh.latestBindingTime=preCompileTime |

Table A.1: AdaptiveApplicationSwComponentType

Class CryptoCertificate
Package M2::AUTOSARTemplates::AdaptivePlatform::PlatformModuleDeployment::CryptoDeployment
Note This meta-class represents the ability to model a cryptographic certificate.
Base ARObject, Identifiable, MultilanguageReferrable, Referrable
Aggregated by CryptoModuleInstantiation.cryptoCertificate

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| isPrivate | Boolean | 0..1 | attr | This attribute controls the possibility to access the content of the CryptoCertificateSlot by Find() interfaces of the X509 Provider. |

Table A.2: CryptoCertificate

Class CryptoCertificateInterface
Package M2::AUTOSARTemplates::AdaptivePlatform::ApplicationDesign::CryptoDesign
Note This meta-class provides the ability to define a PortInterface for a CryptoCertificate.
Tags:
atp.Status=candidate
atp.recommendedPackage=CryptoInterfaces
Base ARElement, ARObject, AtpBlueprint, AtpBlueprintable, AtpClassifier, AtpType, CollectableElement,
CryptoInterface, Identifiable, MultilanguageReferrable, PackageableElement, PortInterface, Referrable
Aggregated by ARPackage.element

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| isPrivate | Boolean | 0..1 | attr | This attribute controls the possibility to access the content of the CryptoCertificateSlot by Find() interfaces of the X509 Provider. Tags: atp.Status=candidate |
| writeAccess | Boolean | 0..1 | attr | This attribute defines whether the application has write-access to the CryptoCertificate (True) or only read-access (False). Tags: atp.Status=candidate |

Table A.3: CryptoCertificateInterface

Class CryptoCertificateToCryptoKeySlotMapping
Package M2::AUTOSARTemplates::AdaptivePlatform::PlatformModuleDeployment::CryptoDeployment
Note This meta-class represents the ability to define a mapping between a CryptoKeySlot and a
CryptoCertificate.
Base ARObject
Aggregated by CryptoModuleInstantiation.certificateToKeySlotMapping

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| cryptoCertificate | CryptoCertificate | 0..1 | ref | This reference represents the mapped cryptoCertificate. |
| cryptoKeySlot | CryptoKeySlot | 0..2 | ref | This reference represents the mapped cryptoKeySlot. |

Table A.4: CryptoCertificateToCryptoKeySlotMapping

Class CryptoKeySlot
Package M2::AUTOSARTemplates::AdaptivePlatform::PlatformModuleDeployment::CryptoDeployment
Note This meta-class represents the ability to define a concrete key to be used for a crypto operation.
Tags: atp.ManifestKind=MachineManifest
Base ARObject, Identifiable, MultilanguageReferrable, Referrable
Aggregated by CryptoProvider.keySlot

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| allocateShadowCopy | Boolean | 0..1 | attr | This attribute defines whether a shadow copy of this Key Slot shall be allocated to enable rollback of a failed Key Slot update campaign (see interface BeginTransaction). |
| cryptoAlgId | String | 0..1 | attr | This attribute defines a crypto algorithm restriction (kAlgIdAny means without restriction). The algorithm can be specified partially: family & length, mode, padding. Future Crypto Providers can support some crypto algorithms that are not well known/ standardized today, therefore AUTOSAR doesn’t provide a concrete list of crypto algorithms’ identifiers and doesn’t suppose usage of numerical identifiers. Instead of this a provider supplier should provide string names of supported algorithms in accompanying documentation. The name of a crypto algorithm shall follow the rules defined in the specification of cryptography for Adaptive Platform. |
| cryptoObjectType | CryptoObjectTypeEnum | 0..1 | attr | Object type that can be stored in the slot. If this field contains "Undefined" then mSlotCapacity must be provided and larger than 0. Tags: atp.Status=candidate |
| keySlotAllowedModification | CryptoKeySlotAllowedModification | 0..1 | aggr | Restricts how this keySlot may be used. Tags: atp.Status=candidate |
| keySlotContentAllowedUsage | CryptoKeySlotContentAllowedUsage | * | aggr | Restriction of allowed usage of a key stored to the slot. Tags: atp.Status=candidate |
| slotCapacity | PositiveInteger | 0..1 | attr | Capacity of the slot in bytes to be reserved by the stack vendor. One use case is to define this value in case that the cryptoObjectType is undefined and the slot size can not be deduced from cryptoObjectType and cryptoAlgId. "0" means slot size can be deduced from cryptoObjectType and cryptoAlgId. |
| slotType | CryptoKeySlotTypeEnum | 0..1 | attr | This attribute defines whether the keySlot is exclusively used by the Application; or whether it is used by Stack Services and managed by a Key Manager Application. Tags: atp.Status=candidate |

Table A.5: CryptoKeySlot

Class CryptoKeySlotInterface
Package M2::AUTOSARTemplates::AdaptivePlatform::ApplicationDesign::CryptoDesign
Note This meta-class provides the ability to define a PortInterface for Crypto Key Slots.
Tags:
atp.Status=candidate
atp.recommendedPackage=CryptoInterfaces
Base ARElement, ARObject, AtpBlueprint, AtpBlueprintable, AtpClassifier, AtpType, CollectableElement,
CryptoInterface, Identifiable, MultilanguageReferrable, PackageableElement, PortInterface, Referrable
Aggregated by ARPackage.element

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| allocateShadowCopy | Boolean | 0..1 | attr | This attribute defines whether a shadow copy of this Key Slot shall be allocated to enable rollback of a failed Key Slot update campaign (see interface BeginTransaction). Tags: atp.Status=candidate |
| cryptoAlgId | String | 0..1 | attr | This attribute defines a crypto algorithm restriction (kAlgIdAny means without restriction). The algorithm can be specified partially: family & length, mode, padding. Future Crypto Providers can support some crypto algorithms that are not well known/ standardized today, therefore AUTOSAR doesn’t provide a concrete list of crypto algorithms’ identifiers and doesn’t suppose usage of numerical identifiers. Instead of this a provider supplier should provide string names of supported algorithms in accompanying documentation. The name of a crypto algorithm shall follow the rules defined in the specification of cryptography for Adaptive Platform. Tags: atp.Status=candidate |
| cryptoObjectType | CryptoObjectTypeEnum | 0..1 | attr | Object type that can be stored in the slot. If this field contains "Undefined" then mSlotCapacity must be provided and larger than 0. Tags: atp.Status=candidate |
| keySlotAllowedModification | CryptoKeySlotAllowedModification | 0..1 | aggr | Restricts how this keySlot may be used. Tags: atp.Status=candidate |
| keySlotContentAllowedUsage | CryptoKeySlotContentAllowedUsage | * | aggr | Restriction of allowed usage of a key stored to the slot. Tags: atp.Status=candidate |
| slotCapacity | PositiveInteger | 0..1 | attr | Capacity of the slot in bytes to be reserved by the stack vendor. One use case is to define this value in case that the cryptoObjectType is undefined and the slot size can not be deduced from cryptoObjectType and cryptoAlgId. "0" means slot size can be deduced from cryptoObjectType and cryptoAlgId. Tags: atp.Status=candidate |
| slotType | CryptoKeySlotTypeEnum | 0..1 | attr | This attribute defines whether the keySlot is exclusively used by the Application; or whether it is used by Stack Services and managed by a Key Manager Application. Tags: atp.Status=candidate |

Table A.6: CryptoKeySlotInterface

Class CryptoKeySlotToPortPrototypeMapping
Package M2::AUTOSARTemplates::AdaptivePlatform::PlatformModuleDeployment::CryptoDeployment
Note This meta-class represents the ability to define a mapping between a CryptoKeySlot on deployment level
to a given PortPrototype that is typed by a CryptoKeySlotInterface.
Tags: atp.recommendedPackage=CryptoKeySlotToPortPrototypeMappings
Base ARElement, ARObject, CollectableElement, Identifiable, MultilanguageReferrable,
PackageableElement, Referrable, UploadablePackageElement
Aggregated by ARPackage.element

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| keySlot | CryptoKeySlot | 0..1 | ref | This reference represents the mapped CryptoKeySlot. |
| portPrototype | RPortPrototype | 0..1 | iref | This reference represents the mapped PortPrototype. InstanceRef implemented by: RPortPrototypeInExecutableInstanceRef |
| process | Process | 0..1 | ref | This reference represents the process required as context for the mapping. |

Table A.7: CryptoKeySlotToPortPrototypeMapping

Class CryptoProvider
Package M2::AUTOSARTemplates::AdaptivePlatform::PlatformModuleDeployment::CryptoDeployment
Note CryptoProvider implements cryptographic primitives (algorithms) supported by the stack. Implementation
of this component may be software or hardware based (HSM/TPM).
Base ARObject, Identifiable, MultilanguageReferrable, Referrable
Aggregated by CryptoModuleInstantiation.cryptoProvider

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| cryptoProviderDocumentation | Documentation | 0..1 | ref | Documentation of the CryptoProvider that describes the implemented cryptographic primitives. |
| keySlot | CryptoKeySlot | * | aggr | This aggregation represents the key slots that are allocated by the CryptoProvider. Stereotypes: atpSplitable. Tags: atp.Splitkey=keySlot.shortName |

Table A.8: CryptoProvider

Class CryptoProviderInterface
Package M2::AUTOSARTemplates::AdaptivePlatform::ApplicationDesign::CryptoDesign
Note This meta-class provides the ability to define a PortInterface for a CryptoProvider.
Tags:
atp.Status=candidate
atp.recommendedPackage=CryptoInterfaces
Base ARElement, ARObject, AtpBlueprint, AtpBlueprintable, AtpClassifier, AtpType, CollectableElement,
CryptoInterface, Identifiable, MultilanguageReferrable, PackageableElement, PortInterface, Referrable
Aggregated by ARPackage.element

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| – | – | – | – | – |

Table A.9: CryptoProviderInterface

Class CryptoProviderToPortPrototypeMapping
Package M2::AUTOSARTemplates::AdaptivePlatform::PlatformModuleDeployment::CryptoDeployment
Note This meta-class represents the ability to define a mapping between a CryptoProvider on deployment level
to a given PortPrototype that is typed by a CryptoProviderInterface.
Tags: atp.recommendedPackage=CryptoProviderToPortPrototypeMappings
Base ARElement, ARObject, CollectableElement, Identifiable, MultilanguageReferrable,
PackageableElement, Referrable, UploadablePackageElement
Aggregated by ARPackage.element

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| cryptoProvider | CryptoProvider | 0..1 | ref | This reference represents the mapped cryptoProvider. |
| portPrototype | RPortPrototype | 0..1 | iref | This reference represents the mapped PortPrototype. InstanceRef implemented by: RPortPrototypeInExecutableInstanceRef |
| process | Process | 0..1 | ref | This reference represents the process required as context for the mapping. |

Table A.10: CryptoProviderToPortPrototypeMapping

Class CryptoServiceCertificate
Package M2::AUTOSARTemplates::SystemTemplate::SecureCommunication
Note This meta-class represents the ability to model a cryptographic certificate.
Tags: atp.recommendedPackage=CryptoServiceCertificates
Base ARElement, ARObject, CollectableElement, Identifiable, MultilanguageReferrable,
PackageableElement, Referrable
Aggregated by ARPackage.element

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| algorithmFamily | CryptoCertificateAlgorithmFamilyEnum | 0..1 | attr | This attribute represents a description of the family of crypto algorithm used to generate public key and signature of the cryptographic certificate. |
| format | CryptoCertificateFormatEnum | 0..1 | attr | This attribute can be used to provide information about the format used to create the certificate |
| maximumLength | PositiveInteger | 0..1 | attr | This attribute represents the ability to define the maximum length of the certificate in bytes. |
| nextHigherCertificate | CryptoServiceCertificate | 0..1 | ref | The reference identifies the next higher certificate in the certificate chain. |
| serverNameIdentification | String | 0..1 | attr | Server Name Indication (SNI) is needed if the IP address hosts multiple servers (on the same port), each of them using a different certificate. If the client sends the SNI to the Server in the client hello, the server looks the SNI up in its certificate list and uses the certificate identified by the SNI. |

Table A.11: CryptoServiceCertificate

Class PortInterface (abstract)
Package M2::AUTOSARTemplates::SWComponentTemplate::PortInterface
Note Abstract base class for an interface that is either provided or required by a port of a software component.
Base ARElement, ARObject, AtpBlueprint, AtpBlueprintable, AtpClassifier, AtpType, CollectableElement,
Identifiable, MultilanguageReferrable, PackageableElement, Referrable
Subclasses AbstractRawDataStreamInterface, AbstractSynchronizedTimeBaseInterface, ClientServerInterface,
CryptoInterface, DataInterface, DiagnosticPortInterface, FirewallStateSwitchInterface,
LogAndTraceInterface, ModeSwitchInterface, PersistencyInterface, PlatformHealthManagementInterface,
SecurityEventReportInterface, ServiceInterface, StateManagementPortInterface, TriggerInterface
Aggregated by ARPackage.element

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| namespace (ordered) | SymbolProps | * | aggr | This represents the SymbolProps used for the definition of a hierarchical namespace applicable for the generation of code artifacts out of the definition of a ServiceInterface. Stereotypes: atpSplitable. Tags: atp.Splitkey=namespace.shortName; atp.Status=draft |

Table A.12: PortInterface

Class Process
Package M2::AUTOSARTemplates::AdaptivePlatform::ExecutionManifest
Note This meta-class provides information required to execute the referenced executable.
Tags: atp.recommendedPackage=Processes
Base ARElement, ARObject, AbstractExecutionContext, AtpClassifier, CollectableElement, Identifiable,
MultilanguageReferrable, PackageableElement, Referrable, UploadablePackageElement
Aggregated by ARPackage.element

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| design | ProcessDesign | 0..1 | ref | This reference represents the identification of the design-time representation for the Process that owns the reference. |
| executable | Executable | * | ref | Reference to executable that is executed in the process. Stereotypes: atpUriDef |
| functionClusterAffiliation | String | 0..1 | attr | This attribute specifies which functional cluster the process is affiliated with. |
| numberOfRestartAttempts | PositiveInteger | 0..1 | attr | This attribute defines how often a process shall be restarted if the start fails. numberOfRestartAttempts = "0" OR Attribute not existing, start once; numberOfRestartAttempts = "1", start a second time |
| preMapping | Boolean | 0..1 | attr | This attribute describes whether the executable is preloaded into the memory. |
| processStateMachine | ModeDeclarationGroupPrototype | 0..1 | aggr | Set of Process States that are defined for the process. |
| securityEvent | SecurityEventDefinition | * | ref | The reference identifies the collection of SecurityEvents that can be reported by the enclosing SoftwareCluster. Stereotypes: atpSplitable; atpUriDef. Tags: atp.Splitkey=securityEvent; atp.Status=candidate |
| stateDependentStartupConfig | StateDependentStartupConfig | * | aggr | Applicable startup configurations. |

Table A.13: Process

Class RPortPrototype
Package M2::AUTOSARTemplates::SWComponentTemplate::Components
Note Component port requiring a certain port interface.
Base ARObject, AbstractRequiredPortPrototype, AtpBlueprintable, AtpFeature, AtpPrototype, Identifiable,
MultilanguageReferrable, PortPrototype, Referrable
Aggregated by AtpClassifier.atpFeature, SwComponentType.port

| Attribute | Type | Mult. | Kind | Note |
| --- | --- | --- | --- | --- |
| requiredInterface | PortInterface | 0..1 | tref | The interface that this port requires. Stereotypes: isOfType |

Table A.14: RPortPrototype

B Interfaces to other Functional Clusters (informative)

B.1 Overview
AUTOSAR decided not to standardize interfaces which are exclusively used between
Functional Clusters (on platform-level only), to allow efficient implementations,
which might depend e.g. on the used Operating System.
This chapter provides informative guidelines on how the interaction between Functional
Clusters looks, by clustering the relevant requirements of this document to
describe Inter-Functional Cluster (IFC) interfaces. In addition, the standardized public
interfaces which are accessible by user space applications (see chapters 8 and 9) can
also be used for interaction between Functional Clusters.
The goal is to provide a clear understanding of Functional Cluster boundaries
and interaction, without specifying syntactical details. This ensures compatibility
between documents specifying different Functional Clusters and supports parallel
implementation of different Functional Clusters. Details of the interfaces are up
to the platform provider. Additional interfaces, parameters and return values can be
added.

B.2 Interface Tables


No content defined.
