linaro-swg / optee_examples

OP-TEE Sample Applications

Create a new TA/CA to print RPMB key #96

Closed Yuki711 closed 2 years ago

Yuki711 commented 2 years ago

Hello,

I would like to create a new Trusted Application 'optee_example_print_rpmb_key' and the associated Client Application, to show the RPMB key (for development purposes). I know that the RPMB key is not directly accessible (it is stored somewhere in secure storage), so I would like to ask if someone knows how, or what function to use, in order to get/read the RPMB key.

Thank you for your help.

Julie

jenswi-linaro commented 2 years ago

You can't do that directly from a user space Trusted Application. That key is for OP-TEE Core internal purposes only.

Yuki711 commented 2 years ago

Hello @jenswi-linaro

Thank you for your reply, I understand what you said, but for example, if I want to manually write into RPMB with 'mmc rpmb write-block' or read RPMB ('mmc rpmb read-block'), I need the RPMB key to encrypt/decrypt data, is that right?

jenswi-linaro commented 2 years ago

The function you're looking for is tee_rpmb_key_gen() in core/tee/tee_rpmb_fs.c

Yuki711 commented 2 years ago

Hello @jenswi-linaro

> The function you're looking for is tee_rpmb_key_gen() in core/tee/tee_rpmb_fs.c

Yes, I already used this function to generate my RPMB key. But I would like to read this key as a developer (if I forget this key, for example, and I need to use it). This way, I could build a new TA that could read the RPMB key value and print it in the debug logs.

Do you think that I could access it, indirectly?

Best regards,

Julie

jenswi-linaro commented 2 years ago

You could add a Pseudo TA to do that. Look in core/pta/ for examples.