Re: [Teep] Hardware for hackathons

塚本明 <akira.tsukamoto@aist.go.jp> Wed, 04 December 2019 05:36 UTC

From: 塚本明 (Akira Tsukamoto) <akira.tsukamoto@aist.go.jp>
To: teep@ietf.org
Date: Wed, 4 Dec 2019 05:36:50 +0000
Message-ID: <0964412f-3039-04e7-e4f6-2d902bba3910@aist.go.jp>
In-Reply-To: <16466.1574925507@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/1HKtmhANeMg6GWH6psghl2Z2rD4>
List-Id: A Protocol for Dynamic Trusted Execution Environment Enablement <teep.ietf.org>


On 2019/11/28 16:18, Michael Richardson wrote:
> 
> Akira Tsukamoto <akira.tsukamoto@gmail.com> wrote:
>      > For further discussion for the future hackathon, I searched for
>      > information on Grapeboard and STM32MP157C-DK2 (which is an STM Cortex-A7
>      > devboard; I will abbreviate it as StmA7board).
> 
>      > It is not mandatory, but it would be nice to have/use unified
>      > programming software stacks for the TEEP development on both the TAM and
>      > the TEEP device.
> 
> I will admit that I'm struggling a bit to understand the value of an interop
> hackathon where everyone is using the same software.  I see the point for a
> tutorial on a particular stack.  (I also come at this from the RATS point of
> view, of soft TPMs running in TEEs, and also TEEs attesting to relying
> parties rather than other TEE applications)
> 
> I also see a point in helping people who are building other components in the
> ecosystem to learn how to bring up the things that they are intending to
> interoperate with.

Of course, it would be more beneficial to have a variety of hardware and software
working and ready for interop testing.

At the moment, I really do not have both the OTrP and the TEEP protocol over HTTP
between the TAM side and the device side implemented on a real device, at least
at my place. We are still in the middle of developing it.

It would be helpful to me to have some kind of consolidation, to get to the
point of having working code and reflect what we learn back into the draft.

And then starting to port to their own software stacks and devices, and having a
variety of hardware and software, would be really nice.

The objective is the same; I was just thinking of one step forward from the
current situation.

> 
>      > *) JSON stack:
>      > (1) jansson, which Dave is using
>      > https://github.com/akheron/jansson
>      > (2) node.js, Isobe-san's TAM
>      > (3) json parser in libwebsockets, which my prototype is using
>      > https://github.com/warmcat/libwebsockets/tree/master/lib/jose
> 
>      > *) JOSE stack:
>      > (1) latchset/jose, which Dave is using
>      > https://github.com/latchset/jose
>      > (2) node.js?, Isobe-san's TAM
>      > (3) libwebsockets
> 
>      > *) HTTP stack:
>      > (1) from scratch?, in Dave's
>      > https://github.com/dthaler/OTrP/blob/master/TeepTamBrokerLib/HttpServer.cpp
>      > (2) libwebsockets, in mine
> 
>      > *) Crypto/TLS stack:
>      > (1) openssl, Dave's
>      > (2) mbedtls, mine
>      > Other than the above, it might be good to use smaller libs, wolfSSL or s2n, on
>      > the device side?
> 
>      > *) rootfs
>      > (1) Ubuntu?, Dave's
>      > (2) buildroot, mine
> 
> This is a wide variety of options, and this is great!
> I think that many of these are TAM code though?

Yes, it is great.
My prototype device is an ARM board using OP-TEE.
It is able to install and delete a TA on the device with my own TAM,
but the message format is not compliant yet.
It does not use the strings written in the draft yet.

At the IETF 106 hackathon, it was my first time trying to connect to
Dave's TAM and Isobe-san's TAM.
While I was tweaking the OTrP message, I ended up spending most of the time
fixing the HTTP and JSON parser working underneath.

This is the reason I thought it would be good to focus on consolidating
and not have too much fragmentation of development effort.

> 
>      > The default rootfs of dev boards introduced by Dave and Hannes.
>      > *) Grapeboard
>      > Ubuntu, customizable to Yocto/OE, OpenWRT and etc
>      > *) StmA7board
>      > Yocto/OE (OpenSTLinux)
> 
>      > Also, we have to consider the hardware requirements of SGX, ARM
>      > TrustZone and RISC-V too.
>      > SGX is pretty handy since it can use simulation mode on any PC.
>      > OP-TEE is able to run on QEMU too.
> 
> OP-TEE seems like it should be a default tutorial choice.

I prefer having references for all of SGX, OP-TEE and the others, but starting one by one.

-Akira

> 
>      > I honestly do not have any preference among those listed above. I was late on the
>      > boat and did not know what others have done in the past.
> 
>      > We do not have so many engineering resources at the moment, so I
>      > thought it would be good to work on as similar an environment as possible to be
>      > able to focus on the TEEP stack.
> 
> I guess it is this last part which caused me to reply and comment above.
> I think that we need to also consider that we might want to figure out the
> different roles and make a table that way.
> 
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>   -= IPv6 IoT consulting =-
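The point Akira makes about the hackathon, that the time went into the HTTP and JSON layer underneath the OTrP message rather than into the message itself, is where interop usually breaks. Below is an added example in Python, not code from this thread, from OP-TEE, or from any of the TAM implementations listed above: a strict verifier for a JWS compact-serialized JSON message of the kind a TAM and a device exchange over HTTP. It assumes HS256 with a pre-shared key so that it runs offline on the standard library alone (real deployments use asymmetric JWS algorithms and certificate chains), and the envelope shape `{"<Type>": {"rid": ...}}` with the type name `ExampleRequest` is a placeholder, not an identifier from the draft.

```python
"""Strict verifier for a JWS compact-serialized JSON message of the kind a TAM
and a TEEP device exchange over HTTP.  Standard library only.

Assumptions (added example, not TEEP/OTrP project code): HS256 with a
pre-shared key so it runs offline; the envelope {"<Type>": {"rid": ...}} and
the name "ExampleRequest" are placeholders, not identifiers from the draft.
"""
import base64
import hashlib
import hmac
import json

ALLOWED_ALGS = {"HS256"}       # explicit allowlist: "none" is never accepted
MAX_TOKEN_BYTES = 64 * 1024    # bound input size before touching any parser
B64URL_ALPHABET = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_")


class MessageError(ValueError):
    """Any malformed or unverifiable message; callers just drop it."""


def b64url_decode(segment: str) -> bytes:
    # urlsafe_b64decode silently discards characters outside its alphabet, so
    # validate first; JWS segments are unpadded, so re-pad before decoding.
    if not segment or set(segment) - B64URL_ALPHABET:
        raise MessageError("invalid base64url segment")
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def sign_hs256(payload: dict, key: bytes) -> str:
    """Build a compact JWS (header.payload.signature) over a JSON payload."""
    header = b64url_encode(b'{"alg":"HS256"}')
    body = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{body}".encode("ascii"), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url_encode(sig)}"


def verify_message(token: str, key: bytes, expected_types: set) -> dict:
    """Return the verified, parsed payload or raise MessageError.

    Order matters: size and segment count, then the header algorithm, then the
    MAC over the raw segments, and only then JSON-decoding of the payload.
    Nothing from the payload is trusted before the MAC has been checked.
    """
    if len(token) > MAX_TOKEN_BYTES:
        raise MessageError("message too large")
    parts = token.split(".")
    if len(parts) != 3:
        raise MessageError("expected three JWS segments")
    header_b64, payload_b64, sig_b64 = parts

    try:
        header = json.loads(b64url_decode(header_b64))
    except ValueError as e:  # JSON and UTF-8 errors are both ValueError
        raise MessageError(f"bad header: {e}")
    if not isinstance(header, dict) or header.get("alg") not in ALLOWED_ALGS:
        raise MessageError("algorithm not allowed")  # rejects 'none' and alg confusion
    if "crit" in header:
        raise MessageError("unsupported critical header extension")

    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise MessageError("signature mismatch")

    try:
        payload = json.loads(b64url_decode(payload_b64))
    except ValueError as e:
        raise MessageError(f"bad payload: {e}")
    if not isinstance(payload, dict) or len(payload) != 1:
        raise MessageError("payload must be an object with exactly one message type")
    (msg_type, body), = payload.items()
    if msg_type not in expected_types or not isinstance(body, dict) or "rid" not in body:
        raise MessageError(f"unexpected message type or shape: {msg_type!r}")
    return payload


def is_valid(token: str, key: bytes, expected_types: set) -> bool:
    try:
        verify_message(token, key, expected_types)
        return True
    except MessageError:
        return False


def demo() -> dict:
    """Constructed exchange: one genuine request, then two forgeries a lax
    parser would accept (alg=none, and a payload swap that keeps the old MAC)."""
    key = b"\x00" * 32  # constructed demo key; never hardcode a real one
    request = {"ExampleRequest": {"rid": "r-1", "tam": "https://tam.example"}}
    token = sign_hs256(request, key)
    header_b64, payload_b64, sig_b64 = token.split(".")
    none_header = b64url_encode(b'{"alg":"none"}')
    none_token = f"{none_header}.{payload_b64}."
    swapped_payload = b64url_encode(b'{"ExampleRequest":{"rid":"r-2"}}')
    swapped_token = f"{header_b64}.{swapped_payload}.{sig_b64}"
    return {
        "genuine": verify_message(token, key, {"ExampleRequest"}) == request,
        "rejects_alg_none": not is_valid(none_token, key, {"ExampleRequest"}),
        "rejects_payload_swap": not is_valid(swapped_token, key, {"ExampleRequest"}),
    }
```

The design choice worth carrying into any of the stacks listed above (jansson, libwebsockets' JOSE code, node.js) is the order of operations: bound the input, reject any algorithm not on an explicit allowlist, check the MAC or signature over the raw base64url segments, and only then hand the payload to the JSON parser and check its shape against the message types the endpoint expects. `demo()` returns `{"genuine": True, "rejects_alg_none": True, "rejects_payload_swap": True}` for the constructed inputs.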