AES Based Secure object creation - OPTEE

cancel
Showing results for 
Search instead for 
Did you mean: 

AES Based Secure object creation - OPTEE

209 Views
krishnanp
Contributor III

I am trying to create a AES based secure object. For this purpose,  I have modified existing  secure_storage application provided by NXP.

secure_storage_ta$ tree
.
├── host
│   ├── aes_data.h
│   ├── Makefile
│   ├── rsa_data.h
│   ├── secure_storage
│   ├── secure_storage.c
│   └── secure_storage.o
├── LICENSE
├── Makefile
├── README.md
└── ta
    ├── b05bcf48-9732-4efa-a9e0-141c7c888c34.dmp
    ├── b05bcf48-9732-4efa-a9e0-141c7c888c34.elf
    ├── b05bcf48-9732-4efa-a9e0-141c7c888c34.map
    ├── b05bcf48-9732-4efa-a9e0-141c7c888c34.stripped.elf
    ├── b05bcf48-9732-4efa-a9e0-141c7c888c34.ta
    ├── include
    │   ├── securekey_api_types.h
    │   ├── secure_storage_common.h
    │   └── ta_secure_storage.h
    ├── Makefile
    ├── secure_storage_aes.c
    ├── secure_storage_aes.o
    ├── secure_storage_common.c
    ├── secure_storage_common.o
    ├── secure_storage_create.c
    ├── secure_storage_create.o
    ├── secure_storage_crypto.c
    ├── secure_storage_crypto.o
    ├── secure_storage_db.c
    ├── secure_storage_db.o
    ├── secure_storage_ec.c
    ├── secure_storage_ec.o
    ├── secure_storage_entry.c
    ├── secure_storage_entry.o
    ├── secure_storage_find.c
    ├── secure_storage_find.o
    ├── secure_storage_generate.c
    ├── secure_storage_generate.o
    ├── secure_storage_helper.c
    ├── secure_storage_helper.o
    ├── secure_storage_rsa.c
    ├── secure_storage_rsa.o
    ├── sub.mk
    ├── ta.lds
    ├── user_ta_header_defines.h
    └── user_ta_header.o

 Added support for AES key type.

However, when  I run the secure_storage application getting an error bad parameter.

TEEC_InvokeCommand failed with code 0xffff0006

Suspect something is missing in the attributes passed to TEEC_InvokeCommand.

Below it the modified attribute structure

SK_OBJECT_TYPE obj_aes = SK_SECRET_KEY;
uint32_t obj_id_aes = 1;
SK_KEY_TYPE key_aes = SKK_AES;
uint32_t key_len_aes = 16; 
char label_aes[] = "Device_Key_AES";

static const uint8_t key_val_aes[] = { 
    0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 
    0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70
};

 

I believe I miss something in attribute structure. Any help? I am new to optee.

Appreciate  your help.

 

 

0 Kudos
1 Reply

201 Views
yipingwang
NXP TechSupport
NXP TechSupport
0 Kudos