search

OP-TEE / optee_docs

This git contains the official documentation for the OP-TEE project
BSD 2-Clause "Simplified" License
57 stars 96 forks source link

SSK and TSK lengths #159

Open railabouni opened 2 years ago

railabouni commented 2 years ago

Hi, in https://github.com/OP-TEE/optee_docs/blame/master/architecture/secure_storage.rst#L344 SSK and TSK are 128-bit while each of them is a result of HMAC-SHA256 (should be 256-bit long each) What am I missing?

Thank you!

jbech-linaro commented 2 years ago

The key comes from the HMAC-SHA256 as you're saying, but it is truncated to a 128-bit key here (called from here and the define is here).

jbech-linaro commented 2 years ago

But I agree, the docs are a bit unclear here. Should be updated to reflect what actually is happening without making assumptions.

railabouni commented 2 years ago

yea, was a bit confused cause in: https://github.com/OP-TEE/optee_docs/blame/master/architecture/secure_storage.rst#L362 did say "128 bits of k" after "k = SHA256(FEK);" :)

Thank you! Joakim

github-actions[bot] commented 2 years ago

This issue has been marked as a stale issue because it has been open (more than) 30 days with no activity. Remove the stale label or add a comment, otherwise this issue will automatically be closed in 5 days. Note, that you can always re-open a closed issue at any time.