TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_examples.git / ae02c09a584054e055d9b3225856661c5f9dfc39
commitae02c09a584054e055d9b3225856661c5f9dfc39[log] [tgz]
authorEtienne Carriere <etienne.carriere@linaro.org>Tue Jul 10 11:11:22 2018 +0200
committerJens Wiklander <jens.wiklander@linaro.org>Tue Jul 10 11:52:56 2018 +0200
treeafec85f01ed1b75ebc3bb27c6aa2bf01ca095eea
parent1c5d96fb2f6abab232bc06705fe557bc4f76964b [diff]
Raw access to trusted application secure storage

This change provides basics for creating, reading and deleting an
object in a TA secure storage.

The TA implementation shows how to use the GPD TEE Internal Core API
for some basic data persistent object manipulations.

A TA command allows to create an object in the TA secure storage.
A TA command allows to read an object in the TA secure storage.
A TA command allows to delete an object from the TA secure storage.

This example does not cover all the possibilities of secure storage API
provided to TAs: seeking into a object data stream, manipulating
key material objects instead of raw data objects, etc.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
12 files changed
tree: afec85f01ed1b75ebc3bb27c6aa2bf01ca095eea
  1. aes/
  2. docs/
  3. hello_world/
  4. hotp/
  5. random/
  6. secure_storage/
  7. .gitignore
  8. Android.mk
  9. CMakeLists.txt
  10. CMakeToolchain.txt
  11. LICENSE
  12. Makefile
  13. README.md
README.md

OP-TEE Sample Applications

Contents

  1. Introduction
  2. List of sample applications
  3. How to build a Trusted Application

1. Introduction

This document describes the sample applications that are included in the OP-TEE, that aim to showcase specific functionality and use case.

For sake of simplicity, all OP-TEE example test application are prefixed with optee_example_.

2. List of sample applications

Directory hello_world/:

  • A very simple Trusted Application to answer a hello command and incrementing an integer value.
  • Test application: optee_example_hello_world
  • Trusted application UUID: 8aaaf200-2450-11e4-abe2-0002a5d5c51b

Directory random/:

  • Generates a random UUID using capabilities of TEE API (TEE_GenerateRandom()).
  • Test application: optee_example_random
  • Trusted application UUID: b6c53aba-9669-4668-a7f2-205629d00f86

Directory aes/:

  • Runs an AES encryption and decryption from a TA using the GPD TEE Internal Core API. Non secure test application provides the key, initial vector and ciphered data.
  • Test application: optee_example_aes
  • Trusted application UUID: 5dbac793-f574-4871-8ad3-04331ec17f24

Directory secure_storage/:

  • A Trusted Application to read/write raw data into the OP-TEE secure storage using the GPD TEE Internal Core API.
  • Test application: optee_example_secure_storage
  • Trusted application UUID: f4e750bb-1437-4fbf-8785-8d3580c34994

3. How to build a Trusted Application

TA basics documentation presents the basics for implementing and building an OP-TEE trusted application.

One can also refer to the examples provided: source files and make scripts.