I am developing Trusted Applications in Trusty environment, according to the documentation, the SSK-derived key is unique on each device.
However I created two TAs in the same device and call
get_ssk_dk() function in each TA, the SSK-derived keys are different. What could be the reason of this ?
Note that, I reuse the same
key_mgnt.c for both TAs, which is defined in the original sample given in the device.
Additionally, I actually created three different TAs, two of them have same
ssk_dk, only one of them is different.
Thanks a lot for your help !
Supplemental information that may help:
After testing several projects, I found that only the first TA calling
key_mgnt_processing has a different specific SSK-derived key, the later TAs all get unique fixed SSK-derived key.
This bug could be solved by calling
key_mgnt_processing twice in the first TA. But it doesn’t explain the reason.
If you need multiple different keys for different TAs, please try
Use the ssk_dk which was derived during the Trusty init time. Then implement a query_key API with the label and context string as inputs.
In the API, you can use the nist_sp_800_108_with_cmac() API with ssk_dk, label, and context string as the input to generate different keys for different TAs.
Please always derive a new key for different TAs. The key_mgnt_processing API should be invoked once during init time.
Actually, I need the same key for different TAs.
During Init Time, I did
se_derive_root_key to generate a root key named
ssk_rk, and used
nist_sp_800_108_with_cmac() API to generate
ssk_dk, with same label and context string. (The whole procedure is in
The Thing is : I repeated the exact procedure above for different TAs, and switched the order of TAs to compile and flash to the device for many times, the result is always the first executed TA in the boot time returns a different
ssk_dk compared with others.
key_mgnt_processing API twice “solved” this issue makes me more confused.
Please run key_mgnt_processing only once in one TA which should be hwkey-agent TA. And other TA can query the key from it.