Rename commands to remove PSA prefix and make them more user-friendly

[paulhowardarm]

Summary

Some of the tool command names are chosen to match the opcode names in the wire protocol, but it would be better to give them names that are more intuitive for scripting, and also to cater for the fact that some commands might end up being compositions of multiple wire protocol ops. Also, words like "generate" and "destroy" are not idiomatic for scripting of key management: "create" and "delete" would be better. There is no need to align to PSA terminology here. The overriding aim is to make a nice usable CLI tool.

Details

psa-generate-key should be renamed to either create-key or create-rsa-keypair depending on whether we want to specialise it to RSA in the future. A single create-key command will eventually need all sorts of differently-constrained parameter sets for all the different key types, so having a separate command for different main key types might make sense.

psa-destroy-key should be renamed to delete-key (and we only need one of those regardless of the key type).

psa-generate-random can just be generate-random or make-random.

psa-export-key can just be export-key.

psa-export-public-key can just be export-publiic-key.

[hug-dev]

I think create-rsa-key is a good name. It would need a key name and default to the following key attributes:

• type: RSA key pair
• size: 1024 bits
• policy: by default used for encryption/decryption with RSA PKCS#1 v1.5 encryption (with SHA-256). A --usage flag or similar could be used to modify that

create-ecc-key would be similar with the following defaulting:

• type: ECC key pair with curve secp256r1
• size: 256 bits
• policy: by default signing/verifying with ECDSA SHA-256

also see this conversation in Slack.

[ionut-arm]

size: 1024 bits

That's too small, 2048 bits at least

Source: https://www.keylength.com/en/

[hug-dev]

Yes in the code I changed it to 2048, knowing that we support that 👍