Rate This Document
Findability
Accuracy
Completeness
Readability

Change Description

New Features

Feature

Description

Authentication hardening for the commercial cryptographic module

  1. The side-channel attack defense capability is provided based on OpenSSL.
  2. The commercial cryptographic module supports access control.
  3. The commercial cryptographic module supports algorithm self-test.

Optimized virtualization deployment of the cryptographic module with SDF APIs

  1. VM TA instance isolation is implemented based on the global TA.
  2. The VM-based deployment components of the intrinsic cryptographic module with SDF APIs are optimized based on the OLK 6.6 kernel.
  3. The intrinsic cryptographic module with SDF APIs supports dynamic core binding for TAs in VM-based deployment scenarios.

OpenSSL EVP engine provided by the commercial cryptographic module based on the SM3/4 algorithm

The commercial cryptographic module provides the OpenSSL EVP engine based on the SM3/4 algorithm.

Improved running specifications of the commercial cryptography application

  1. The number of TEE sessions supported by the iTrustee/CCOS is increased.
  2. The maximum number of session keys supported by the cryptographic module is increased to 300,000.
  3. The multi-thread concurrency specifications of the SDF CA are improved.
  4. An SDF CA process can start multiple devices.

Modified Features

None

Removed Features

None