TEE Sockets API Specification v1.0.1, 1.0.3 & 1.1 | GPD_SPE_100, GPD_SPE_101, GPD_SPE_102, GPD_SPE_103, GPD_GUI_104
Published Dec 2022
Changes to Annex C include:
- New functionality and extensions to enable TLS 1.3 client mode
- Better operating mode support for TLS key establishment and authentication beyond the original Pre-Shared Keys (PSKs)
- Eliminated TEE_tlsSocket_CertStorageCred structure and associated unions in TEE_tlsSocket_Credentials structure.
Annex D is updated to reflect the changes to Annex C.
Note: Only these two annexes are being issued as v1.1.
- TEE Sockets API Specification remains at v1.0.3.
- Annex A (Sockets TCP/IP) and Annex B (Sockets UDP/IP) remain at v1.0.1.
This maintenance release of the main specification:
Clarifies limitations on cryptographic recommendations
Specifies an API name string to support TEE Management Framework Audit capabilities (section 4.5)
Corrects a typo in redefinition of TEE_iSocketHandle structure (section 5.2.1)
The annexes are unchanged in this release.
This maintenance release of Annex C adds reference to GlobalPlatform recommendations regarding security protocols and cryptography.
This is a suite of specifications that provide standards to enable a Trusted Application to directly make use of internet protocol interfaces, rather than send packets to a client application for internet transfer.