Hi Saad,
On Thu, Jun 18, 2020 at 9:43 AM Muhammad Saad via OP-TEE op-tee@lists.trustedfirmware.org wrote:
Hello All,
First, I hope you are safe and doing fine in the unfortunate COVID-19 situation. I am a Ph.D. student at the University of Central Florida. Currently, I am working on a TEE-based prototype application for a proof-of-concept. Since I am totally new in this domain, so it is taking some effort. I have a few questions and I hope you guys can help me in that.
At present, I am able to set up OP-TEE on Qemu and run the examples on the normal world and the secure world. Additionally, I tweaked a few parameters (ie., the integer value in the main.c) for the CA and the addition and subtraction sequence in the TA. Upon building it again (cd/build/make all run), it seems to work. However, if I need to pass a normal string to the TA and the TA computes Sha256 of the string and returns the value, what steps do I need to take? In other words, how can I pass a tuple from the TA to the CA and obtain the Hash of the tuple. Additionally, if I am able to do that by tailoring the HelloWorld examples, how can I develop new CA and TA with unique UUID and perform the same procedure. Finally, instead of doing the entire (cd/build/make all run), is there a method by which I can simply build the application and alone and run it on Qemu?
You can find an example of doing some hashing at https://github.com/OP-TEE/optee_test/blob/391168ec03980e1cc8fb6d3e3c4b424819...
You'll need to look around a little to get the whole picture, but it shouldn't be too hard.
If you only change a TA or some client application it's enough to rebuild with: make buildroot
and then run it with: make run-only
A new UUID can be obtained with the Linux command uuidgen.
Cheers, Jens
I understand that these must be trivial questions, however, I will deeply appreciate if you can help me in figuring them out.
Best,
Saad
OP-TEE mailing list OP-TEE@lists.trustedfirmware.org https://lists.trustedfirmware.org/mailman/listinfo/op-tee
Hi Jens,
I was able to do all those operations last week. I actually cloned a pseudo-TA, assign it a new UUID, and do all the required cryptographic operations as well as the secure storage. However, now that I try to benchmark it, an error is thrown ([Benchmark] ERROR: TEEC_InvokeCommand: 0xffff000c). Can you tell me the right way of benchmarking a pseudo-TA? Also, if I want to take all the pseduo-TA code and make a new TA, what should be the simplest process?
Best,
Saad
________________________________ From: Jens Wiklander jens.wiklander@linaro.org Sent: Wednesday, July 8, 2020 11:26 AM To: Muhammad Saad saad.ucf@Knights.ucf.edu Cc: op-tee@lists.trustedfirmware.org op-tee@lists.trustedfirmware.org Subject: Re: OP-TEE Development Guidance
Hi Saad,
On Thu, Jun 18, 2020 at 9:43 AM Muhammad Saad via OP-TEE op-tee@lists.trustedfirmware.org wrote:
Hello All,
First, I hope you are safe and doing fine in the unfortunate COVID-19 situation. I am a Ph.D. student at the University of Central Florida. Currently, I am working on a TEE-based prototype application for a proof-of-concept. Since I am totally new in this domain, so it is taking some effort. I have a few questions and I hope you guys can help me in that.
At present, I am able to set up OP-TEE on Qemu and run the examples on the normal world and the secure world. Additionally, I tweaked a few parameters (ie., the integer value in the main.c) for the CA and the addition and subtraction sequence in the TA. Upon building it again (cd/build/make all run), it seems to work. However, if I need to pass a normal string to the TA and the TA computes Sha256 of the string and returns the value, what steps do I need to take? In other words, how can I pass a tuple from the TA to the CA and obtain the Hash of the tuple. Additionally, if I am able to do that by tailoring the HelloWorld examples, how can I develop new CA and TA with unique UUID and perform the same procedure. Finally, instead of doing the entire (cd/build/make all run), is there a method by which I can simply build the application and alone and run it on Qemu?
You can find an example of doing some hashing at https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com...
You'll need to look around a little to get the whole picture, but it shouldn't be too hard.
If you only change a TA or some client application it's enough to rebuild with: make buildroot
and then run it with: make run-only
A new UUID can be obtained with the Linux command uuidgen.
Cheers, Jens
I understand that these must be trivial questions, however, I will deeply appreciate if you can help me in figuring them out.
Best,
Saad
OP-TEE mailing list OP-TEE@lists.trustedfirmware.org https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.trus...
On Wed, Jul 8, 2020 at 7:56 PM Muhammad Saad saad.ucf@knights.ucf.edu wrote:
Hi Jens,
I was able to do all those operations last week. I actually cloned a pseudo-TA, assign it a new UUID, and do all the required cryptographic operations as well as the secure storage. However, now that I try to benchmark it, an error is thrown ([Benchmark] ERROR: TEEC_InvokeCommand: 0xffff000c). Can you tell me the right way of benchmarking a pseudo-TA? Also, if I want to take all the pseduo-TA code and make a new TA, what should be the simplest process?
I suggest that you start out with studying https://optee.readthedocs.io/en/latest/ it will probably answer your questions and give a good overview too.
Cheers, Jens
Best,
Saad
From: Jens Wiklander jens.wiklander@linaro.org Sent: Wednesday, July 8, 2020 11:26 AM To: Muhammad Saad saad.ucf@Knights.ucf.edu Cc: op-tee@lists.trustedfirmware.org op-tee@lists.trustedfirmware.org Subject: Re: OP-TEE Development Guidance
Hi Saad,
On Thu, Jun 18, 2020 at 9:43 AM Muhammad Saad via OP-TEE op-tee@lists.trustedfirmware.org wrote:
Hello All,
First, I hope you are safe and doing fine in the unfortunate COVID-19 situation. I am a Ph.D. student at the University of Central Florida. Currently, I am working on a TEE-based prototype application for a proof-of-concept. Since I am totally new in this domain, so it is taking some effort. I have a few questions and I hope you guys can help me in that.
At present, I am able to set up OP-TEE on Qemu and run the examples on the normal world and the secure world. Additionally, I tweaked a few parameters (ie., the integer value in the main.c) for the CA and the addition and subtraction sequence in the TA. Upon building it again (cd/build/make all run), it seems to work. However, if I need to pass a normal string to the TA and the TA computes Sha256 of the string and returns the value, what steps do I need to take? In other words, how can I pass a tuple from the TA to the CA and obtain the Hash of the tuple. Additionally, if I am able to do that by tailoring the HelloWorld examples, how can I develop new CA and TA with unique UUID and perform the same procedure. Finally, instead of doing the entire (cd/build/make all run), is there a method by which I can simply build the application and alone and run it on Qemu?
You can find an example of doing some hashing at https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com...
You'll need to look around a little to get the whole picture, but it shouldn't be too hard.
If you only change a TA or some client application it's enough to rebuild with: make buildroot
and then run it with: make run-only
A new UUID can be obtained with the Linux command uuidgen.
Cheers, Jens
I understand that these must be trivial questions, however, I will deeply appreciate if you can help me in figuring them out.
Best,
Saad
OP-TEE mailing list OP-TEE@lists.trustedfirmware.org https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.trus...
op-tee@lists.trustedfirmware.org
-
Jens Wiklander -
Muhammad Saad