AnsweredAssumed Answered

How to build Trusted Applications for the OP-TEE

Question asked by Gerth on May 15, 2018
Latest reply on May 17, 2018 by Yiping Wang


I have build the PPA with OP-TEE with the flexbuilder for the LS1012. When the board is booted, running xtest (and before that starting tee-supplicant) results in 0 failed tests so this should work.

But with the TEE running, I would like to start building my own Trusted Applications, but there seems to be no guide on how to do that. I followed the OP-TEE Build Instructions  which also results in some examples being build. Copying the generated TA to /lib/optee-armtz/ and running the ``hello_world'' application i get a TEEC_ERROR_SECURITY  response.

After some research i think that either the TEE does not know about the default key (building the ppa-optee with the default key removed from the flex builder did not give errors) and/or another key is used by the TEE.

Also i would like to en-/decrypt BLOB's, I know that it is possible under U-Boot but i would like to do this under linux (via a TA?)


TL;DR: How do i build a TA for the TEE build by the flex-builder. And is it possible to generate blobs via a TA?


Thanks in advance!