Hi Kris,

[CC op-tee@lists.trustedfirmware.org the newer ML for OP-TEE which is now under the TrustedFirmware.org umbrella]

On 2/9/21 11:04 PM, Kris Kwiatkowski wrote:

Hello,

I've recently been involved in producing PoC, which utilizes OP-TEE to produce proof of a secret key possession. That is used during tunnel establishment by OpenVPN.

In case someone finds it interesting, for example as kind of "real-world" use case of OP-TEE, then details are described here: https://www.amongbytes.com/post/20210112-optee-openssl-engine/

Thanks for sharing! It is a well-written article, quite interesting to read IMO. I always like to see how OP-TEE is used in various scenarios. As upstream project maintainers we hear about bug reports and we review new contributions of course, but there is clearly a lot of activity going on downstream that we don't know much about. Yet, a bit of context certainly helps take the good decisions for the project going forward!

and code is here: https://github.com/henrydcase/optee_eng

The actual PoC used post-quantum schemes integrated into TEE OS and TF-A (secure boot). Those two points are not described really described for brevity (and probably there is low interest anyway).

Kind regards, Kris _______________________________________________ Tee-dev mailing list Tee-dev@lists.linaro.org https://lists.linaro.org/mailman/listinfo/tee-dev

Thanks,