How to execute OP-TEE cryptographic algorithms directly from ARM Trusted Firmware
The highlighted comment was created in this revision.
I want to evaluate cryptographic algorithms on the boot loader before Linux starts up.
We plan to include evaluation software in ARM Trusted Firmware (bl31-h3ulcb).
ARM Trusted Firmware has no encryption algorithm, so we are considering using a library in OP-TEE (tee-h3ulcb).
For example, in evaluating signature verification using RSA, the following processing is considered necessary.
・ Register the public key and secret key.
・ And generates a hash value of the evaluation target data. (For example SHA 256)
・ Generate a signature by encrypting the hash value with the secret key.
・ Generate a hash value by decrypting the signature with the public key.
Among these processes, I do not know how to register the public key and secret key to OP-TEE.
Please tell me what kind of processing can be realized from ARM Trusted Firmware.
(If you have product planning, )I think that you should officially contact Renesas.
I am not a product planning representative.
I'm considering running cryptographic algorithms implemented on R-Car H3 on a boot loader on which Linux is not running.
I will concretely describe what I can not realize.
First, when ARM Trusted Firmware jumps to the address where the OP-TEE function exists, an exception will be raised.
After that, "plat_panic_handler" will be in infinite loop state.
I guess that it is probably guarded by MMU, but I do not know how to deal with it.
Second, About signature verification using key of RSA.
In order to register the key of RSA, I guess using functions like "alloc_rsa_public_key" and "alloc_rsa_keypair" in OP - TEE.
However, I do not know how to use functions such as arguments and procedures.