Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Inquiry Regarding default_ta.pem for Offline TA Signing and Early TAs. #7126

Open
ydonghyuk opened this issue Nov 14, 2024 · 6 comments
Open
Labels

Comments

@ydonghyuk
Copy link

ydonghyuk commented Nov 14, 2024

I would like to apply offline TA signing by generating a new key as shown below,
instead of using the default TA signing key (default_ta.pem) provided by default.

test_private_key.pem 
test_public_key.pem

The purpose is to avoid providing the private key for TA signing to an external vendor providing OP-TEE.

Reference document: https://optee.readthedocs.io/en/latest/building/trusted_applications.html#offline-signing-of-tas

The TEE binary is modified and built as follows.

diff --git a/mk/config.mk b/mk/config.mk
index 4107f8486..eb87434eb 100644
--- a/mk/config.mk
+++ b/mk/config.mk
@@ -229,7 +229,7 @@ _CFG_WITH_SECURE_STORAGE := $(call cfg-one-enabled,CFG_REE_FS CFG_RPMB_FS)
 # key and then set TA_PUBLIC_KEY to match public key from the HSM.
 # TA_PUBLIC_KEY's public key will be embedded into OP-TEE OS.
 TA_SIGN_KEY ?= keys/default_ta.pem
-TA_PUBLIC_KEY ?= $(TA_SIGN_KEY)
+TA_PUBLIC_KEY ?= test_public_key.pem

After this, I applied offline TA signing to the TA under development according to the guide and confirmed that it works correctly.
I have two questions from two perspectives:

  1. The necessity of default_ta.pem
  2. Signing of early TAs

Questions:

  1. The necessity of default_ta.pem
  • Can I delete default_ta.pem?
  1. Is it necessary to sign early TAs with the generated key (test_private_key.pem)?
  • From what I have confirmed, it seems that early TAs do not require a separate signing process,but I would like to confirm if I understand this correctly.

Additional question:
I understand that early TAs are included within the TEE binary, why do they also exist in the rootfs (/lib/optee_armtz/)?

Thank you in advance for your help.

@etienne-lms
Copy link
Contributor

  1. The necessity of default_ta.pem
  • Can I delete default_ta.pem?

Yes you can delete the file assuming you set config switches at least TA_PUBLIC_KEY to the appropriate public key PEM file.
That said, when you build OP-TEE OS with CFG_BUILD_IN_TREE_TA=y or CFG_ULIBS_SHARED=y, the build process generates signed TAs/TA libraries, based on TA_SIGN_KEY. If you do not have access to the private key at this point (maybe you sign TAs/libs offline after OP-TEE build completes) then you likely need a dummy key (like default_ta.pem) for build to succeed, after which you can sign TAs/libs with the right key in some post-build sequence.

  1. Is it necessary to sign early TAs with the generated key (test_private_key.pem)?
  • From what I have confirmed, it seems that early TAs do not require a separate signing process,but I would like to confirm if I understand this correctly.

I confirm that early TAs are not signed.

Additional question:
I understand that early TAs are included within the TEE binary, why do they also exist in the rootfs (/lib/optee_armtz/)?

They are present in the rootfs only if the build process embeds them whether or not they are lists in EARLY_TA_PATHS/CFG_IN_TREE_EARLY_TAS. That is what is done by OP-TEE/build.git repo, for sake of simplicity. However it is not needed at all.

@ydonghyuk
Copy link
Author

@etienne-lms

Thank you for your response.
I would like to clarify a few points that I am not sure about.

  1. The difference between the following two features:
    EARLY_TA_PATHS
    CFG_IN_TREE_EARLY_TAS

  2. The purpose of the following feature:
    CFG_BUILD_IN_TREE_TA

Ultimately, I am curious about the possibility of deleting default_ta.pem when applying offline TA signing for external TAs and using early TAs (e.g., pkcs#11).
As I understand it, CFG_BUILD_IN_TREE_TA must be enabled to use early TAs (e.g., pkcs#11).
If that is the case, it seems that default_ta.pem must remain as a dummy key. Could you please confirm this?

@etienne-lms
Copy link
Contributor

etienne-lms commented Nov 18, 2024

  • CFG_IN_TREE_EARLY_TAS allows to define as early-TAs some TAs which source files are stored in OP-TEE OS source tree, in ta/<ta-name>/... directories.

  • EARLY_TA_PATHS allows to define early-TAs which sources are outside OP-TEE source tree.
    (It can also be used with OP-TEE OS in-tree TAs if you provide the OP-TEE OS TA build path)

  • CFG_BUILD_IN_TREE_TA, when enabled, makes OP-TEE OS build sequence to also build all TAs which sources are stored in OP-TEE OS source tree (ta/...).
    Note that building OP-TEE OS in-tree TAs does not mean the TAs are embedded in your system. If some are to be embedded as early TAs, you need to set CFG_IN_TREE_EARLY_TAS accordingly. If some are to be embedded in the Linux filesystem, you need to store/install the related .ta files in your embedded file system.

As I understand it, CFG_BUILD_IN_TREE_TA must be enabled to use early TAs (e.g., pkcs#11).
If that is the case, it seems that default_ta.pem must remain as a dummy key. Could you please confirm this?

Indeed, when CFG_BUILD_IN_TREE_TA=y, you need a (default) private key to generate the in-tree TAs signed image (xxx.ta files).

That said, you can build OP-TEE core with pkcs11 early TA without using CFG_BUILD_IN_TREE_TA=y and without any default/dummy private key file. It may be a bit tricky and needs to be done in 3 steps:

  1. build OP-TEE TA devkit
  2. build your TA(s) EFL files (preferrably stripped :-)
  3. build OP-TEE OS core (embedding the target early TA(s)).

For example, to build OP-TEE core with pkcs11 as early TA and without any private key file defined:

  1. build OP-TEE OS TA devkit without any private key and without building in-tree TAs:
make PLATFORM=<...> O=my-out CFG_BUILD_IN_TREE_TA=n TA_SIGN_KEY=""  ta_dev_kit
  1. build the pkcs11 TA ELF file only, using the generated TA devkit:
    (note: you need to set all pkcs11 TA local config directives CFG_PKCS11_TA_xxx, as in example below)
make -C ta/pkcs11 O=out \
    TA_DEV_KIT_DIR=$PWD/my-out/export-ta_arm32/ \
    CFG_PKCS11_TA_ALLOW_DIGEST_KEY=y \
    CFG_PKCS11_TA_AUTH_TEE_IDENTITY=y \
    CFG_PKCS11_TA_HEAP_SIZE=32768 \
    CFG_PKCS11_TA_TOKEN_COUNT=1 \
    CFG_PKCS11_TA_CHECK_VALUE_ATTRIBUTE=n \
    out/fd02c9da-306c-48c7-a49c-bbd827ae86ee.stripped.elf
  1. Build OP-TEE OS core image with pkcs11 early TA (without a private key file and without building in-tree TAs).
    You need to provide you TA authentication public key with
make PLATFORM=<...> O=my-out CFG_BUILD_IN_TREE_TA=n TA_SIGN_KEY="" \
    TA_PUBLIC_KEY=my-ta-public-key.pem \
    EARLY_TA_PATHS=ta/pkcs11/out/fd02c9da-306c-48c7-a49c-bbd827ae86ee.stripped.elf \
    all

Remember that what count is the public key your OP-TEE OS core is built with. This key shall be the right one.
Generating some useless signed TA images based on a dummy private key that does not match your embedded public key is harmless (from a security perspective) so keeping a default dummy private key (keys/default.pem) should not be an issue and make the build sequence simpler.

@ydonghyuk
Copy link
Author

ydonghyuk commented Nov 18, 2024

@etienne-lms

I think I understand most of your detailed explanation. Thank you.

I understand that I can build the early TA (elf) using the ta_dev_kit and include it in EARLY_TA_PATHS. (Command below)

make PLATFORM=<...> O=my-out CFG_BUILD_IN_TREE_TA=n TA_SIGN_KEY="" \
    TA_PUBLIC_KEY=my-ta-public-key.pem \
    EARLY_TA_PATHS=ta/pkcs11/out/fd02c9da-306c-48c7-a49c-bbd827ae86ee.stripped.elf \
    all

Is it possible to skip the process of building the early TA (elf) and use CFG_IN_TREE_EARLY_TAS instead of EARLY_TA_PATHS with the following command?

make PLATFORM=<...> O=my-out CFG_BUILD_IN_TREE_TA=n TA_SIGN_KEY="" \
    TA_PUBLIC_KEY=my-ta-public-key.pem \
    CFG_IN_TREE_EARLY_TAS=pkcs11/fd02c9da-306c-48c7-a49c-bbd827ae86ee \
    all

If it is not possible, do CFG_IN_TREE_EARLY_TAS and CFG_BUILD_IN_TREE_TA need to be enabled together?

@etienne-lms
Copy link
Contributor

With current build process, CFG_IN_TREE_EARLY_TAS=... needs CFG_BUILD_IN_TREE_TA=y

Copy link

This issue has been marked as a stale issue because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this issue will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time.

@github-actions github-actions bot added the Stale label Dec 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants