Merge pull request #66 from hug-dev/full-review

Update the books

Author: hug-dev

src/README.md

@@ -5,6 +5,11 @@ provide a common API to secure services in a platform-agnostic way.
 
 Find here all the technical documentation of Parsec, alongside user and developer guides.
 
+Go straight to the [overview](overview.md) to learn more about the project! Then, depending on what
+you want to know, you can go to the [users](parsec_users.md), [client
+developers](parsec_client/README.md), [service developers](parsec_service/README.md) or
+[security](parsec_security/README.md) sections.
+
 # Disclaimer
 
 Parsec is a new open source project and is under development. This code repository is being made

src/SUMMARY.md

@@ -2,63 +2,60 @@
 
 - [Introduction](README.md)
 - [Overview](overview.md)
-- [Service API coverage](service_api_coverage.md)
-- [Clients API coverage](clients_api_coverage.md)
-- [Parsec Threat Model](threat_model/threat_model.md)
-   - [Recommendations for Secure Deployment](threat_model/secure_deployment.md)
-- [Parsec Rust Client Threat Model](threat_model/rust_client_threat_model.md)
 - [Parsec for users](parsec_users.md)
 - [Parsec for client developers](parsec_client/README.md)
+   - [API Overview](parsec_client/api_overview.md)
+   - [Wire Protocol](parsec_client/wire_protocol.md)
+   - [Status Codes](parsec_client/status_codes.md)
+   - [Writing a new Parsec Client Library](parsec_client/writing_library.md)
    - [Operations](parsec_client/operations/README.md)
-      - [AddClient](parsec_client/operations/add_client.md)
-      - [ListOpcodes](parsec_client/operations/list_opcodes.md)
-      - [ListProviders](parsec_client/operations/list_providers.md)
-      - [ListAuthenticators](parsec_client/operations/list_authenticators.md)
-      - [Ping](parsec_client/operations/ping.md)
-      - [ProveClient](parsec_client/operations/prove_client.md)
-      - [PsaDestroyKey](parsec_client/operations/psa_destroy_key.md)
-      - [PsaExportPublicKey](parsec_client/operations/psa_export_public_key.md)
-      - [PsaExportKey](parsec_client/operations/psa_export_key.md)
-      - [PsaGenerateKey](parsec_client/operations/psa_generate_key.md)
-      - [PsaImportKey](parsec_client/operations/psa_import_key.md)
-      - [PsaRawKeyAgreement](parsec_client/operations/psa_raw_key_agreement.md)
+      - [Parsec Operations Coverage](parsec_client/operations/service_api_coverage.md)
       - [PSA Key Attributes](parsec_client/operations/psa_key_attributes.md)
       - [PSA Algorithm](parsec_client/operations/psa_algorithm.md)
-      - [PsaSignMessage](parsec_client/operations/psa_sign_message.md)
-      - [PsaVerifyMessage](parsec_client/operations/psa_verify_message.md)
+      - [Ping](parsec_client/operations/ping.md)
+      - [PsaGenerateKey](parsec_client/operations/psa_generate_key.md)
+      - [PsaDestroyKey](parsec_client/operations/psa_destroy_key.md)
       - [PsaSignHash](parsec_client/operations/psa_sign_hash.md)
       - [PsaVerifyHash](parsec_client/operations/psa_verify_hash.md)
-      - [PsaHashCompute](parsec_client/operations/psa_hash_compute.md)
-      - [PsaHashCompare](parsec_client/operations/psa_hash_compare.md)
+      - [PsaImportKey](parsec_client/operations/psa_import_key.md)
+      - [PsaExportPublicKey](parsec_client/operations/psa_export_public_key.md)
+      - [ListProviders](parsec_client/operations/list_providers.md)
+      - [ListOpcodes](parsec_client/operations/list_opcodes.md)
       - [PsaAsymmetricEncrypt](parsec_client/operations/psa_asymmetric_encrypt.md)
       - [PsaAsymmetricDecrypt](parsec_client/operations/psa_asymmetric_decrypt.md)
+      - [PsaExportKey](parsec_client/operations/psa_export_key.md)
+      - [PsaGenerateRandom](parsec_client/operations/psa_generate_random.md)
+      - [ListAuthenticators](parsec_client/operations/list_authenticators.md)
+      - [PsaHashCompute](parsec_client/operations/psa_hash_compute.md)
+      - [PsaHashCompare](parsec_client/operations/psa_hash_compare.md)
       - [PsaAeadEncrypt](parsec_client/operations/psa_aead_encrypt.md)
       - [PsaAeadDecrypt](parsec_client/operations/psa_aead_decrypt.md)
+      - [PsaRawKeyAgreement](parsec_client/operations/psa_raw_key_agreement.md)
       - [PsaCipherEncrypt](parsec_client/operations/psa_cipher_encrypt.md)
       - [PsaCipherDecrypt](parsec_client/operations/psa_cipher_decrypt.md)
       - [PsaMacCompute](parsec_client/operations/psa_mac_compute.md)
       - [PsaMacVerify](parsec_client/operations/psa_mac_verify.md)
-      - [ShareTrustBundle](parsec_client/operations/share_trust_bundle.md)
-      - [PsaGenerateRandom](parsec_client/operations/psa_generate_random.md)
-   - [API Overview](parsec_client/api_overview.md)
-   - [Status Codes](parsec_client/status_codes.md)
-   - [Wire Protocol](parsec_client/wire_protocol.md)
-   - [Writing a new Parsec Client Library](parsec_client/writing_library.md)
+      - [PsaSignMessage](parsec_client/operations/psa_sign_message.md)
+      - [PsaVerifyMessage](parsec_client/operations/psa_verify_message.md)
 - [Parsec for service developers](parsec_service/README.md)
    - [System Architecture](parsec_service/system_architecture.md)
    - [Interfaces and Dataflow](parsec_service/interfaces_and_dataflow.md)
    - [Source Code Structure](parsec_service/source_code_structure.md)
-   - [Providers](parsec_service/providers.md)
-   - [Converters](parsec_service/converters.md)
-   - [Authenticators](parsec_service/authenticators.md)
    - [Listeners](parsec_service/listeners.md)
+   - [Authenticators](parsec_service/authenticators.md)
+   - [Converters](parsec_service/converters.md)
+   - [Providers](parsec_service/providers.md)
    - [Key Info Managers](parsec_service/key_info_managers.md)
    - [Adding a new Parsec Provider](parsec_service/adding_provider.md)
    - [How to build and run Parsec](parsec_service/build_run.md)
    - [How to securely install Parsec on Linux](parsec_service/install_parsec_linux.md)
    - [Parsec Configuration](parsec_service/configuration.md)
    - [How to test Parsec](parsec_service/tests/README.md)
       - [List of existing tests](parsec_service/tests/existing_tests.md)
+- [Parsec Security](parsec_security/README.md)
+   - [Parsec Threat Model](parsec_security/parsec_threat_model/threat_model.md)
+   - [Recommendations for Secure Deployment](parsec_security/secure_deployment.md)
+   - [Parsec Rust Client Threat Model](parsec_security/rust_client_threat_model/threat_model.md)
 - [Contributing](contributing/README.md)
    - [How to add operations to Parsec](contributing/adding_new_operation_how_to.md)
 

src/clients_api_coverage.md

@@ -15,8 +15,8 @@ Create the specification page for the Parsec Book, under
 also be found in the menu on the left of all pages). Include operation details such as parameters,
 results, errors specific to the operation, a description, and a link to the
 [protobuf](#parsec-operations) contract (which will be created further on). Also update all API
-tables on the [Service API](../service_api_coverage.md) and [Client API](../clients_api_coverage.md)
-pages to reflect the new addition (create any API tables if they are missing).
+tables on the [Parsec Operations Coverage](../parsec_client/operations/service_api_coverage.md) page
+to reflect the new addition (create any API tables if they are missing).
 
 The opcode used should be the next available one. To find this, go to
 [`parsec-interface-rs/src/requests/mod.rs`](https://github.com/parallaxsecond/parsec-interface-rs/blob/master/src/operations/mod.rs)

src/contributing/adding_new_operation_how_to.md

@@ -3,14 +3,14 @@
 This section offers the information needed for building Parsec client libraries. The topics covered
 are:
 
-- [Operations](operations) - structured description of all Parsec operations; this subsection
-   provides the official documentation for the API
 - [API overview](api_overview.md) - overview of the API and the design principles behind it
-- [Status codes](status_codes.md) - comprehensive list of response codes returned by the service and
-   their meaning
 - [Wire protocol](wire_protocol.md) - detailed description of the representation and meaning of data
    communicated between the client and service
+- [Status codes](status_codes.md) - comprehensive list of response codes returned by the service and
+   their meaning
 - [Writing a new client library](writing_library.md) - hints and tips for getting started with
    developing a new client library
+- [Operations](operations) - structured description of all Parsec operations; this subsection
+   provides the official documentation for the API
 
 *Copyright 2019 Contributors to the Parsec project.*

src/parsec_client/README.md

@@ -59,17 +59,17 @@ configuration that is applied at service-deployment time.
 While the service can be composed from multiple providers, any given API operation needs to be
 implemented by a single provider. This means that client code needs to specify the target provider
 when it makes an operation request. To achieve this, the service assigns an 8-bit integer value
-(from 0 to 255) to each available provider. In practice, the numer of providers would be very small:
-probably just two or three. This integer value is the **provider identifier**. Client code must set
-a single provider identifier in each API request. The [**wire protocol
+(from 0 to 255) to each available provider. In practice, the number of providers would be very
+small: probably just two or three. This integer value is the **provider identifier**. Client code
+must set a single provider identifier in each API request. The [**wire protocol
 specification**](wire_protocol.md) explains how a request header field is used to route the request
 to the correct provider.
 
 In order to set a provider identifier in an API request, the client must first be able to determine
 what providers are available, what their identifiers are, and what their characteristics are (such
 as whether they are hardware-backed or software-backed). This is done by first referencing the
 **core provider**. The core provider is the only provider that is guaranteed to be available in any
-deployment of the service. It has a provider identifier of zero (the only reserved value for
+deployment of the service. It has a provider identifier of zero (`0x00`, the only reserved value for
 provider identifiers). The core provider is special in that it doesn't implement any security or
 cryptographic operations. The core provider is used to represent the service as a whole. The
 operations of the core provider can be used to gather information about the health and configuration
@@ -182,10 +182,12 @@ permitted numerical values for this field are given as follows:-
    it indicates improper coding or a possible defect on the client side). See the section below on
    unauthenticated operations.
 - A value of 1 (`0x01`) indicates direct authentication. The service will expect the
-   **authentication** field to contain a cleartext copy of the application identity.
-- A value of 2 (`0x02`) indicates authentication tokens. The service will expect the
-   **authentication** field to contain a JWT token. Tokens must be signed with the private key of
-   the identity provider and their validity period must cover the moment when the check is done.
+   **authentication** field to contain a cleartext copy of the application identity, encoded as a
+   UTF-8 string.
+- A value of 2 (`0x02`) indicates authentication tokens. This authentication type is not currently
+   supported. The service will expect the **authentication** field to contain a JWT token. Tokens
+   must be signed with the private key of the identity provider and their validity period must cover
+   the moment when the check is done.
 - A value of 3 (`0x03`) indicates Unix peer credentials authentication. The service expects the
    **authentication** field to contain the Unix user identifier (UID, **not** username) of the
    connecting process as a zero-padded little-endian 32-bit unsigned integer. The Parsec service
@@ -207,7 +209,7 @@ set to 0 (`0x00`).
 
 As per the [**wire protocol specification**](wire_protocol.md), API request headers contain fields
 for **content type** and **accept type**, which respectively indicate how the request body and
-response body are encoded. Currently, the only supported value for these fields is 1 (`0x01`),
+response body are encoded. Currently, the only supported value for these fields is one (`0x01`),
 meaning that all request and response bodies contain serialized protobuf messages. All other values
 are unsupported and will be rejected by the service.
 
@@ -232,20 +234,15 @@ While this API is closely aligned with the PSA Crypto API, there are some differ
 difference is in the conventions used to name and reference cryptographic keys.
 
 In the PSA Crypto API, every key has a 32-bit numerical identifier. This identifier is set by the
-caller when the key is created. Client code then uses this 32-bit identifier to **open** the key. A
-key must be opened before it can be used in any cryptographic operations. An open key is referenced
-using a **handle** (which is distinct from the identifier). The handle is the only way that the
-client code can involve the key in cryptographic functions. Once the client has finished using the
-key, it **closes** the handle.
-
-This API differs in two ways. Firstly, the key names are not 32-bit numerical values: they are
-**strings**. Secondly, there is no notion of key handles. Keys are always referenced by name. There
-is no operation to open or close a key. Cryptographic operations are all specified in terms of the
-key name string. However, while the notion of a key handle is absent, it is important to understand
-that the opacity of keys - one of the critical design characteristics of the PSA Crypto API - is
-preserved here. Key names are used to reference keys for cryptographic operations, but the actual
-key material is *never* exposed to the caller of the API unless an explicit operation is invoked to
-export the key (and the key's usage policy permits for such an export to occur).
+caller when the persistent key is created. Client code then uses this 32-bit identifier to refer to
+the key for use in any cryptographic operation.
+
+This API is different: the key names are not 32-bit numerical values, they are **UTF-8 strings**.
+Cryptographic operations are all specified in terms of the key name string. It is important to
+understand that the opacity of keys - one of the critical design characteristics of the PSA Crypto
+API - is preserved here. Key names are used to reference keys for cryptographic operations, but the
+actual key material is *never* exposed to the caller of the API unless an explicit operation is
+invoked to export the key (and the key's usage policy permits for such an export to occur).
 
 The use of string names offers greater flexibility in how names can be chosen and structured. It
 allows for names to be readable and meaningful. It also allows for names to follow a structured