| commit | f4f54e5a76641fda22a49f00294771f948cd4c92 | |
|---|---|---|
| author | Jorge Ramirez-Ortiz <jorge@foundries.io> | Wed Nov 03 12:28:47 2021 +0100 |
| committer | Jérôme Forissier <jerome@forissier.org> | Fri Nov 26 09:09:30 2021 +0100 |
| tree | 737b56db18379cef9b35362ffcc72e117b4f8d7f | |
| parent | e532a51ec020fd652dc1f83b4a5a0311afeab246 | |

libseteec: Secure Element control

When a Secure Element -supported by OP-TEE- enables SCP03, the encryption keys could have been derived from the HUK and therefore not known to the normal world. In such circumstances, APDU frames will need to be routed to the secure world for encryption before sending them to the SE and then decrypted when processing the response.

Secure Elements supporting SCP03 are shipped with predefined keys stored in persistent memory and documented in their data sheets. This library provides an interface to enable SCP03 using those non-secure keys. It also provides an interface to rotate these default keys and derive board unique new ones before enabling the SCP03 session.

A working scenario currently in OP-TEE is the NXP SE050/SE051 device (both have been tested).

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

This git repository contains the source code for the non-secure side of the OP-TEE project: the client library and tee-supplicant.

All official OP-TEE documentation has moved to http://optee.readthedocs.io. The information that used to be here in this git can be found under optee_client.
// OP-TEE core maintainers