A maintenance release of the GPD Internal Core API, with the following additions and bug fixes applied. All non-trivial changes since v1.3.0 are listed:
- TEE_ALG_RSAES_PKCS1_OAEP_MGF1_xxx (section 6.7.1 and Table 6‑15)
  - Added “attribute” parameter to better support the dual digests.
  - Clarified use of the algorithm without that additional parameter.
- Clarified the declaration of constants defined in TEE specifications (section 3.3.3).
- Changed the example opaque handle declarations to remove the misuse of consecutive initial underscores: __* (sections 2.4, 4.1.3, 4.1.4, 5.3.4, 5.3.5, 6.1.4, 9.6.3, 9.6.10, 9.6.11).
- Clarified namespace ownership (section 2.7).
- Added warning regarding use of some C99 (or similar) compliant compilers and the long names used in this specification (section 2.8).
- Changed normative reference for PKCS #1, now RFC 8017 rather than the no longer available document on RSAsecurity.com (Table 1‑1 and Annex C).
- Added four algorithms to Table 6‑4 that were added elsewhere in v1.3 of this specification.
- Time (section 7)
  - Clarified that TEE_Time initial value is normally calculated from 00:00 on Jan 1st, 1970.
  - Clarified how clock skew between real world time and System Time is specified, differentiating behavior between different values of gpd.tee.systemTime.protectionLevel property.
  - Clarified that clock skew on the value returned by TEE_GetREETime() is out of scope of this specification.
- Adjusted definition of TEE_MemMove available for backward compatibility, correcting prior transcription error (section 4.11.7).
Previous Version(s)
A minor version release of the GPD Internal Core API, with the following additions and bug fixes applied. All non-trivial changes since v1.2.1 are listed:
New features introduced:
- Storage types TEE_STORAGE_PERSO and TEE_STORAGE_PROTECTED
- Support for ed448 and x448 algorithms
- Support for SHA3 including SHAKE128 and SHAKE256
- Updated TEE_CreatePersistentObject in section 5.7.2 to support transition from a transient object to a persistent object
- Section 6 adds the extracting state signifying digest extraction
- Section 6.3.3 adds TEE_DigestExtract for use with XOF
Existing functionality clarified:
- Genericized the Peripheral and Event APIs where the text specifically mentioned a TUI session
- Resolved inconsistency in the input data buffer annotation between TEE_WriteObjectData and TEE_CreatePersistentObject
- Section 5.9.4 corrects the offset parameter type in TEE_SeekObjectData
Text clarifications throughout in the use of illegal values reserved for testing:
- Addition of TEE_ALG_HKDF to support key derivation operations
- Addition of gpd.ta.doesNotCloseHandleOnCorruptObject property to define corrupted object behavior and clarified throughout
- TEE_ERROR_OLD_VERSION renamed to TEE_ERROR_UNSUPPORTED_VERSION
- Clarification on behavior when calling TEE_GetObjectBufferAttribute with a NULL buffer
- Define 'Simple Symmetric Key Types'
- keySize parameter behavior clarification in TEE_GenerateKey
- Table 6-4 updated to associate the algorithm, object type and mode of operation
A minor maintenance update of the Internal Core API, with the following bug fixes applied. All non-trivial changes since v1.2 are listed:
- Clarified TEE_ERROR_CIPHERTEXT_INVALID return code
- Clarified Generic Payloads with reference to [TEE TUI Low] v1.0.1 in section 9.6.9
- Corrected TEE_RestrictObjectInfo1 references in Figure 5-1 to TEE_RestrictObjectUsage1 and updated the associated text in section 5.5.2
- Updated Figure 6-1 to include the missing TEE_SetOperationKey and TEE_SetOperationKey2 transitions
This specification defines a set of C APIs for the development of Trusted Applications (TAs) running inside a Trusted Execution Environment (TEE). For the purposes of this document a TEE is expected to meet the requirements defined in the GlobalPlatform TEE System Architecture specification, i.e. it is accessible from a Rich Execution Environment (REE) through the GlobalPlatform TEE Client API (described in the GlobalPlatform TEE Client API Specification) but is specifically protected against malicious attacks and only runs code trusted in integrity and authenticity.