Creating a Project

Prerequisites

  • The server and OS are running properly.
  • An SSH remote login tool has been installed on the local PC.
  • The Kunpeng DevKit is running properly. The Development Assistant tool and Compiler and Debugger tool have been installed in the Kunpeng DevKit.
  • TrustZone has been enabled on the target server. For details about how to enable TrustZone, see Kunpeng BoostKit Confidential Computing TrustZone Kit Feature Guide. (The target server OS must be CentOS 7.6, openEuler 20.03 LTS SP1, UOS 20 SP1, or Kylin V10.)

Procedure

  1. Access the Kunpeng DevKit, click Development, and click next to Development Assistant. The Kunpeng Application Projects page is displayed. See Figure 1.
    Figure 1 Kunpeng Application Projects page
  2. Click Secure Computing Application. The Secure Computing Application page is displayed.
    Figure 2 Secure Computing Application page
  3. Select GlobalPlatform-Compliant TEE Application. On the left pane of the displayed page, select Empty project for Project Type, and then import the signature private key file and config binary file.
    Figure 3 Creating an empty project
    Table 1 Parameter settings (1)

    Parameter: Project Type
    Description: Project type, which can be:
    • Template project
      • CA Project
      • TA Project
      • RSA Project
      • Data Sealing
      • Secret Vote
      • Cert Assign
    • Empty project
    NOTE:
    • A CA project runs in the REE, and a TA project runs in the TEE. An RSA project implements secure communication based on the CA and TA projects.
    • A data sealing project includes CA and TA projects. The TEE secure storage interface is used to store confidential data.
    • A secret voting project includes CA and TA projects and is based on Advanced Encryption Standard (AES) and RSA encryption.
    • A certificate assignment project includes CA and TA projects. Certificates are issued based on the RSA and SM2 algorithms.
    Dependencies:
    1. Ensure that kunpeng-sc has been installed. (For data sealing and secret voting projects, ensure that kunpeng-sc-devel has been installed. For certificate assignment projects, ensure that the confidential computing SDK and kunpeng-sc-devel have been installed.)
    2. Run the lsmod | grep tzdriver command to check that the tzdriver is properly loaded.
    3. Run the ps -ef | grep teecd command to check that the daemon is properly started.

    Parameter: Project Name
    Description: Name of the project to be created. The default project name is xxx_ProjectN, which can be modified as required.
    NOTE:
    • N is an integer starting from 1 in ascending order.
    • The project name can contain 1 to 64 characters, including only letters, digits, periods (.), hyphens (-), plus signs (+), parentheses (), and underscores (_), and cannot start with a period (.).

    Parameter: Project Location
    Description: Storage path of the project to be created. The default project location is C:\Users\username\KunpengProject, which can be modified as required.

    Parameter: (Optional) Signature Private Key
    Description: Import the signature private key file.

    Parameter: (Optional) Config Binary
    Description: Import the binary configuration file.

    For details about how to generate the signature private key file and a config binary file, see Applying for a TA Developer Certificate in a Debugging Environment in the Kunpeng BoostKit Confidential Computing TrustZone Kit Feature Guide.

  4. Click Next. Configure the target node information, select Online deployment for Deployment Method and kunpeng-sc-devel for SDK Type, and click Create.
    Figure 4 Configuring project parameters
    Table 2 Parameter settings (2)

    Parameter: Deploy Server
    Description:
    • Existing
    • New
    • Configure later
    NOTE: The new server will be added to the target server management.

    Parameter: IP Address
    Description: IP address of the target node for subsequent operations.

    Parameter: SSH Port
    Description: SSH port number of the target node.

    Parameter: User Name
    Description: Account of the target node for subsequent operations.

    Parameter: Password
    Description: Password of the target node user.

    Parameter: Remember password
    Description: If you select this option, the password of the current server user will be remembered.

    Parameter: Storage Directory
    Description: Storage directory on the target node.
    NOTE: The tool reads and writes the content in the storage directory. To avoid data loss, you are advised to use an empty directory.

    Parameter: Deploy SDK When Creating Project
    Description:
    • Yes: deploys the SDK.
    • No: does not deploy the SDK.

    Parameter: Deploy SDK
    Description: Select an SDK deployment mode.
    • Online deployment
      • kunpeng-sc
      • kunpeng-sc-devel
    • Offline deployment
      • kunpeng-sc
      • kunpeng-sc-devel
    NOTE:
    • If you select Online deployment, the server must be connected to the Internet. In an isolated network environment, you need to use a proxy to access the Internet.
    • If you select Offline deployment, the SDK is imported from the local host. Download the SDK to the local host and upload it.

    For online deployment, ensure that the network connection of the target server is normal. If no network connection is available, select Offline deployment, download the latest SDK installation package corresponding to the OS of the target node, and upload and install the SDK.

    The download link contains multiple versions. Download the latest version.

    Figure 5 Deploying the SDK offline
  5. In the displayed dialog box, confirm that the TrustZone function is enabled and click OK to create an empty project and deploy the SDK.
    Figure 6 Confirming that TrustZone has been enabled
  6. After the project is created, click Open Project to open it in the current window.
    Figure 7 Opening a project
  7. In the left pane, click EXPLORER to open the src/hello-world directory, which contains CA and TA example code.
    Figure 8 Viewing the example code
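
The dependency checks listed under Project Type in Table 1 (kunpeng-sc installed, tzdriver loaded, teecd started), written as an added shell example that is not part of the DevKit or its documentation. It goes beyond the two grep commands on the page by matching names exactly, because ps -ef | grep teecd also lists the grep process itself and kunpeng-sc is a prefix of kunpeng-sc-devel. The function names, the sample output and the use of rpm to list packages are assumptions.

```shell
#!/bin/sh
# Added example: the Table 1 dependency checks as functions whose exit status
# can be trusted. Each reads command output on stdin, so it is testable offline.

# lsmod output: succeed only if column 1 is exactly "tzdriver".
tzdriver_loaded() {
    awk '$1 == "tzdriver" { ok = 1 } END { exit !ok }'
}

# ps -ef output: succeed only if the executable (field 8, CMD) is named teecd.
# A plain "ps -ef | grep teecd" also matches the grep process itself.
teecd_running() {
    awk '{ n = split($8, p, "/"); if (p[n] == "teecd") ok = 1 } END { exit !ok }'
}

# Package name list (one per line): succeed if "$1" is present as a whole line.
package_listed() {
    grep -qxF -- "$1"
}

# Live check on the target server. Assumption: the SDK packages are RPMs,
# so "rpm -qa" can list them; adjust for another package manager.
check_host() {
    rc=0
    lsmod | tzdriver_loaded || { echo "tzdriver module not loaded"; rc=1; }
    ps -ef | teecd_running || { echo "teecd daemon not running"; rc=1; }
    rpm -qa --qf '%{NAME}\n' | package_listed kunpeng-sc ||
        { echo "kunpeng-sc not installed"; rc=1; }
    return "$rc"
}

# Constructed sample output (not captured from a real server).
SAMPLE_LSMOD='Module                  Size  Used by
tzdriver              262144  2
nf_tables             180224  0'
SAMPLE_PS_DOWN='UID   PID  PPID  C STIME TTY      TIME     CMD
root  2210 2100  0 10:02 pts/0    00:00:00 grep --color=auto teecd'
SAMPLE_PS_UP='UID   PID  PPID  C STIME TTY      TIME     CMD
root  1187    1  0 09:58 ?        00:00:01 /usr/bin/teecd'

if [ "${1:-}" = "--host" ]; then
    check_host; exit $?
fi
printf '%s\n' "$SAMPLE_LSMOD" | tzdriver_loaded && echo "sample: tzdriver loaded"
printf '%s\n' "$SAMPLE_PS_DOWN" | teecd_running || echo "sample: teecd down"
printf '%s\n' "$SAMPLE_PS_UP" | teecd_running && echo "sample: teecd up"
```

Run it with --host on the target server to check the live system; with no argument it only exercises the constructed samples.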