You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@teaclave.apache.org by GitBox <gi...@apache.org> on 2022/08/09 09:24:56 UTC

[GitHub] [incubator-teaclave-trustzone-sdk] syedelec opened a new issue, #84: Signature Verification example using ring crate

syedelec opened a new issue, #84:
URL: https://github.com/apache/incubator-teaclave-trustzone-sdk/issues/84

   Hi
   
   I am trying to play around with some rust TA examples and I found that the `signature_verification-rs` [example](https://github.com/apache/incubator-teaclave-trustzone-sdk/tree/master/examples/signature_verification-rs) is using the ring module from a specific repo (https://github.com/veracruz-project/ring.git)
   
   My questions are the following:
   
   1. is it safe and secure to use external crate in the TA for cryptographic operations instead of tee api?
   2. why use a specific repo for ring and not the official crate? (https://crates.io/crates/ring)
   3. are there other crypto crate we could use in TA?
   
   Thanks
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@teaclave.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@teaclave.apache.org
For additional commands, e-mail: dev-help@teaclave.apache.org

[GitHub] [incubator-teaclave-trustzone-sdk] DemesneGH commented on issue #84: Signature Verification example using ring crate

Posted by GitBox <gi...@apache.org>.
DemesneGH commented on issue #84:
URL: https://github.com/apache/incubator-teaclave-trustzone-sdk/issues/84#issuecomment-1209329221

   Hi @syedelec 
   
   
   > 1. is it safe and secure to use external crate in the TA for cryptographic operations instead of tee api?
   
   TEE Core APIs are defined in the standard specification and implemented differently in various TEE OS. OP-TEE uses [libtomcrypt](https://optee.readthedocs.io/en/latest/architecture/crypto.html#libtomcrypt) as its default implementation of the crypto APIs. It also supports adding a new software implementation.
   It's okay to use the third-party crypto libraries in TAs. Its security depends on the security of the crypto library itself.
   
   
   
   > 2\. why use a specific repo for ring and not the official crate? (https://crates.io/crates/ring)
   
   Ring in veracruz-project has been ported to OP-TEE (e.g. this [commit](https://github.com/veracruz-project/ring/commit/808f1f6184b72266ac633e2f0e9a05ad4942a77c)).
   
   
   > 3\. are there other crypto crate we could use in TA?
   
   Other crypto crates can be used in TA after they have been ported to OP-TEE's standard library. Ring is the only crypto crate supported now.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@teaclave.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@teaclave.apache.org
For additional commands, e-mail: dev-help@teaclave.apache.org

[GitHub] [incubator-teaclave-trustzone-sdk] syedelec commented on issue #84: Signature Verification example using ring crate

Posted by GitBox <gi...@apache.org>.
syedelec commented on issue #84:
URL: https://github.com/apache/incubator-teaclave-trustzone-sdk/issues/84#issuecomment-1210646505

   Thanks! That's way clearer now!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@teaclave.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@teaclave.apache.org
For additional commands, e-mail: dev-help@teaclave.apache.org

[GitHub] [incubator-teaclave-trustzone-sdk] syedelec closed issue #84: Signature Verification example using ring crate

Posted by GitBox <gi...@apache.org>.
syedelec closed issue #84: Signature Verification example using ring crate
URL: https://github.com/apache/incubator-teaclave-trustzone-sdk/issues/84


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@teaclave.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@teaclave.apache.org
For additional commands, e-mail: dev-help@teaclave.apache.org