Searched hist:f86ab8e7e0de869dfa25ca05a37ee070d7e5b86b (Results 1 – 5 of 5) sorted by relevance
| /optee_os/ta/trusted_keys/ |
| H A D | user_ta.mk | f86ab8e7e0de869dfa25ca05a37ee070d7e5b86b Wed May 06 07:15:38 UTC 2020 Sumit Garg <sumit.garg@linaro.org> ta: add early TA to seal and unseal Linux trusted keys
This patch adds an early TA which acts as Linux TEE bus device to
provide a service of sealing/unsealing of trusted keys in case platform
doesn't posses a TPM device or like.
To do sealing/unsealing we use system pseudo TA service to derive a
hardware unquie key to perform authenticated encryption/decryption
(using TEE_ALG_AES_GCM algo).
Also, this early TA only accepts login with a new private login method
specifically used by REE kernel (TEE_LOGIN_REE_KERNEL).
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
|
| H A D | sub.mk | f86ab8e7e0de869dfa25ca05a37ee070d7e5b86b Wed May 06 07:15:38 UTC 2020 Sumit Garg <sumit.garg@linaro.org> ta: add early TA to seal and unseal Linux trusted keys
This patch adds an early TA which acts as Linux TEE bus device to
provide a service of sealing/unsealing of trusted keys in case platform
doesn't posses a TPM device or like.
To do sealing/unsealing we use system pseudo TA service to derive a
hardware unquie key to perform authenticated encryption/decryption
(using TEE_ALG_AES_GCM algo).
Also, this early TA only accepts login with a new private login method
specifically used by REE kernel (TEE_LOGIN_REE_KERNEL).
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
|
| H A D | user_ta_header_defines.h | f86ab8e7e0de869dfa25ca05a37ee070d7e5b86b Wed May 06 07:15:38 UTC 2020 Sumit Garg <sumit.garg@linaro.org> ta: add early TA to seal and unseal Linux trusted keys
This patch adds an early TA which acts as Linux TEE bus device to
provide a service of sealing/unsealing of trusted keys in case platform
doesn't posses a TPM device or like.
To do sealing/unsealing we use system pseudo TA service to derive a
hardware unquie key to perform authenticated encryption/decryption
(using TEE_ALG_AES_GCM algo).
Also, this early TA only accepts login with a new private login method
specifically used by REE kernel (TEE_LOGIN_REE_KERNEL).
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
|
| H A D | entry.c | f86ab8e7e0de869dfa25ca05a37ee070d7e5b86b Wed May 06 07:15:38 UTC 2020 Sumit Garg <sumit.garg@linaro.org> ta: add early TA to seal and unseal Linux trusted keys
This patch adds an early TA which acts as Linux TEE bus device to
provide a service of sealing/unsealing of trusted keys in case platform
doesn't posses a TPM device or like.
To do sealing/unsealing we use system pseudo TA service to derive a
hardware unquie key to perform authenticated encryption/decryption
(using TEE_ALG_AES_GCM algo).
Also, this early TA only accepts login with a new private login method
specifically used by REE kernel (TEE_LOGIN_REE_KERNEL).
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
|
| /optee_os/ta/trusted_keys/include/ |
| H A D | trusted_keys.h | f86ab8e7e0de869dfa25ca05a37ee070d7e5b86b Wed May 06 07:15:38 UTC 2020 Sumit Garg <sumit.garg@linaro.org> ta: add early TA to seal and unseal Linux trusted keys
This patch adds an early TA which acts as Linux TEE bus device to
provide a service of sealing/unsealing of trusted keys in case platform
doesn't posses a TPM device or like.
To do sealing/unsealing we use system pseudo TA service to derive a
hardware unquie key to perform authenticated encryption/decryption
(using TEE_ALG_AES_GCM algo).
Also, this early TA only accepts login with a new private login method
specifically used by REE kernel (TEE_LOGIN_REE_KERNEL).
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
|