Asymmetric Signature and Signature Verification in the Secure OS

4.3.4

Test the performance of asymmetric signature and signature verification in the secure OS.

See Test Networking.

1. The TrustZone kit has been burnt into the server and the TrustZone license has been activated.
2. The REE patch has been loaded to the server. The CA and TA can be loaded and can communicate with each other properly.

1. Log in to the REE OS and load the TrustZone REE patch tzdriver. (See Expected Result 1.)

   insmod tzdriver

   /usr/bin/teecd &

2. Write the CA and TA and make the following requirements on the CA and TA code. (See Expected Result 2.)
   • Calculate the duration from the time when the CA delivers the command to the time when the signature is returned to the REE. The signature process calculates only the digest data. The duration does not include the times of generating the key and digest.
   • Calculate the duration from the time when the CA delivers the command to the time when the decrypted digest is returned. The signature process calculates only the digest data. The duration does not include the times of generating the key and digest.
   • The algorithms are TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256 and TEE_ALG_SM2_DSA_SM3.

1. The REE patch is loaded and no error information is displayed.
2. The performance data can be obtained.