Re: [Teep] Hardware for hackathons

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Tue, 10 December 2019 13:17 UTC

From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: 塚本明 <akira.tsukamoto@aist.go.jp>, "teep@ietf.org" <teep@ietf.org>
Date: Tue, 10 Dec 2019 13:17:05 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/teep/JYTRh1Qs1_BLrFNgWna4R6M6DVc>
Subject: Re: [Teep] Hardware for hackathons

Hi Michael, Hi Akira,

The goals for the participants are likely going to be different with each of the involved groups. A Hackathon does not necessarily imply that we only focus on interoperability tests but also to get concepts evaluated. IMHO it makes sense to re-use some common building blocks for our TEEP protocol evaluations.

Ciao
Hannes

-----Original Message-----
From: TEEP <teep-bounces@ietf.org> On Behalf Of ???
Sent: Wednesday, December 4, 2019 6:37 AM
To: teep@ietf.org
Subject: Re: [Teep] Hardware for hackathons



On 2019/11/28 16:18, Michael Richardson wrote:
>
> Akira Tsukamoto <akira.tsukamoto@gmail.com> wrote:
>      > For the further discussion for the future hackathon, I searched
>      > information of Grapeboard and STM32MP157C-DK2 (which is STM CortexA7
>      > devboard, I will abbreviate as StmA7board).
>
>      > It is not mandatory but it would be nice to have/use unified
>      > programming software stacks for the TEEP development on both TAM and
>      > TEEP device.
>
> I will admit that I'm struggling a bit to understand the value of an
> interop hackathon where everyone is using the same software.  I see
> the point for a tutorial on a particular stack.  (I also come at this
> from the RATS point of view, of soft TPMs running in TEEs, and also
> TEEs attesting to relying parties rather than other TEE applications)
>
> I also see a point in helping people who are building other components
> in the ecosystem to learn how to bring up the things that they are
> intending to interoperate with.

Of course, it would be more beneficial to have a variety of hardware and software working and ready for interop testing.

At the moment, I really do not have both otrp and teep protocol over http between TAM side and device side implemented on the real device, at least at my place. We are still in the middle of developing it.

It would be helpful for me to have some kind of consolidation to get to the point of having working code and reflect the learning to the draft.

And then start porting to their software stacks and devices, and having a variety of hardware and software would be really nice.

The objective is the same, I just was thinking of one step forward of current situation.

>
>      > *) JSON stack:
>      > (1) jansson, which Dave is using
>      > https://github.com/akheron/jansson
>      > (2) node.js, Isobe-san's TAM
>      > (3) json parser in libwebsockets, which my prototype is using
>      > https://github.com/warmcat/libwebsockets/tree/master/lib/jose
>
>      > *) JOSE stack:
>      > (1) latchset/jose, which Dave is using
>      > https://github.com/latchset/jose
>      > (2) node.js?, Isobe-san's TAM
>      > (3) libwebsockets
>
>      > *) HTTP stack:
>      > (1) from scratch?, In Dave's
>      > https://github.com/dthaler/OTrP/blob/master/TeepTamBrokerLib/HttpServer.cpp
>      > (2) libwebsockets, In mine
>
>      > *) Crypto-tsl stack:
>      > (1) openssl, Dave's
>      > (2) mbedtls, mine
>      > Other than above, might be good to use smaller libs, wolfSSL or s2n on
>      > the device side?
>
>      > *) rootfs
>      > (1) Ubuntu?, Dave`s
>      > (2) buildroot, mine
>
> This is a wide variety of options, and this is great!
> I think that many of these are TAM code though?

Yes, it is great.
My prototype device is on ARM board using op-tee.
It is able to install and delete TA on the device with my own TAM but the message format is not compliant yet.
Do not use the strings written in the draft yet.

At the IETF 106 hackathon, it was my first time to try connecting to the Dave's TAM and Isobe-san's TAM.
While I was tweaking the otrp message, I ended up most of the time fixing the http and json parser which is working underneath.

This is the reason I thought it would be good to focus on consolidating and not have too much fragmentation of development effort.

>
>      > The default rootfs of dev boards introduced by Dave and Hannes.
>      > *) Grapeboard
>      > Ubuntu, customizable to Yocto/OE, OpenWRT and etc
>      > *) StmA7board
>      > Yocto/OE (OpenSTLinux)
>
>      > Also, we have to consider the hardware requirements of SGX, ARM
>      > TrustZone and RISC-V too.
>      > The SGX is pretty handy since it could use simulation mode on any pc.
>      > The op-tee is able to run on qemu too.
>
> op-tee seems like it should be a default tutorial choice.

I prefer having reference of all sgx, optee and others but starting from one by one.

-Akira

>
>      > I honestly do not have any preference listed above. I was late on the
>      > boat and did not know what others have done in the past.
>
>      > We do not have so much engineering resources at the moment, so I
>      > thought it would be good to work on similar environment as possible to
>      > able to focus on teep stack.
>
> I guess it is this last part which caused me to reply and comment above.
> I think that we need to also consider that we might want to figure out
> the different roles and make a table that way.
>
> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>   -= IPv6 IoT consulting =-
>
>
>
>
> _______________________________________________
> TEEP mailing list
> TEEP@ietf.org
> https://www.ietf.org/mailman/listinfo/teep
>