Add C example

[paulhowardarm]

Summary

Add a simple C example to the "Hello, Parsec" demo suite.

Details

A C example would need to look slightly different from the other examples, all of which use a named key to perform RSA decryption of an input string. This pattern cannot be replicated in C, because there is no C interface to Parsec that understands Parsec's notion of named keys. It is therefore not possible to write a C Parsec program that uses a named key that was provisioned in advance using something like the parsec-tool, which is the general pattern of this demo. A C example would need to provision and use its own key and then delete it again at the end. A good starting point would be to copy/paste code from the test suite of the Parsec SE driver here: https://github.com/parallaxsecond/parsec-se-driver/tree/main/ci/c-tests - although this example actually performs an ECC signature, it could trivially be reworked to do the same kind of RSA workflow that the other demos are doing.

[ionut-arm]

It is therefore not possible to write a C Parsec program that uses a named key that was provisioned in advance using something like the parsec-tool, which is the general pattern of this demo.

There could be a way, but it depends on authentication mechanism. If the service is using Unix Domain Socket Peer Credentials, then you can just use the Parsec tool to generate a key with the "appropriate" name, and have the C application use it directly. I've not tried this, I think - it won't work if Mbed Crypto stores some of its own metadata for the key when creating/importing it.

[paulhowardarm]

It is therefore not possible to write a C Parsec program that uses a named key that was provisioned in advance using something like the parsec-tool, which is the general pattern of this demo.

There could be a way, but it depends on authentication mechanism. If the service is using Unix Domain Socket Peer Credentials, then you can just use the Parsec tool to generate a key with the "appropriate" name, and have the C application use it directly. I've not tried this, I think - it won't work if Mbed Crypto stores some of its own metadata for the key when creating/importing it.

Yes, that's possible, but it relies on an undocumented mapping that is essentially an implementation detail of the Parsec SE driver. This isn't something I would want to showcase in example/demo code, unless we were to take the decision to formalise and document this mapping, and perhaps also make it configurable. I think there might be some discussions in Slack on this topic.