--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+ <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+ <meta http-equiv="X-UA-Compatible" content="IE=9" />
+ <link rel="stylesheet" type="text/css" href="../css/styles.css" />
+ <link rel="stylesheet" type="text/css" href="../css/snippet.css" />
+ <script type="text/javascript" src="../scripts/snippet.js"></script>
+ <script type="text/javascript" src="../scripts/jquery.util.js" charset="utf-8"></script>
+ <script type="text/javascript" src="../scripts/common.js" charset="utf-8"></script>
+ <script type="text/javascript" src="../scripts/core.js" charset="utf-8"></script>
+ <script type="text/javascript" src="../scripts/search.js" charset="utf-8"></script>
+
+ <title>TEE Communication</title>
+</head>
+
+<body onload="prettyPrint()" style="overflow: auto;">
+
+<div id="toc-navigation">
+ <div id="profile">
+ <p><img alt="Mobile C#" src="../images/mobile_s_cs.png"/> <img alt="TV C#" src="../images/tv_s_cs.png"/></p>
+ </div>
+
+ <div id="toc_border"><div id="toc">
+ <p class="toc-title">Dependencies</p>
+ <ul class="toc">
+ <li>Tizen 4.0 and Higher for Mobile and TV</li>
+ </ul>
+ <p class="toc-title">Content</p>
+ <ul class="toc">
+ <li><a href="#prerequisites">Prerequisites</a></li>
+ <li><a href="#connecting_applications">Connecting Applications</a></li>
+ <li><a href="#sending_secure_commands">Sending Secure Commands</a></li>
+ <li><a href="#using_shared_memory">Using Shared Memory</a></li>
+ </ul>
+ <p class="toc-title">Related Info</p>
+ <ul class="toc">
+ <li><a href="https://developer.tizen.org/dev-guide/csapi/namespaceTizen_1_1Security_1_1TEEC.html">Tizen.Security.TEEC Namespace</a></li>
+ </ul>
+ </div></div>
+</div>
+
+<div id="container"><div id="contents"><div class="content">
+
+<h1>TEE Communication</h1>
+<p>You can create secure communications by executing your application in a trusted execution environment (TEE), and communicating with other applications within that environment. To implement TEE communication, you can use the libteec API, which is based on the GlobalPlatform® <a href="https://www.globalplatform.org/specificationsdevice.asp" target="_blank">TEE Client API</a>.</p>
+
+<p>You can run applications in 2 environments: a rich world (like Linux) with client applications (CA) and a secure world with trusted applications (TA).</p>
+
+<p align="center"><strong>Figure: TEE communication architecture</strong></p>
+<p align="center"><img alt="TEE communication architecture" src="../images/libteec_architecture.png" /></p>
+
+<p>The main features of the Tizen.Security.TEEC namespace include:</p>
+<ul>
+ <li>Connecting to a trusted application
+ <p>You can securely <a href="#connecting_applications">connect to a trusted application</a> by creating a new session.</p></li>
+ <li>Sending commands to a trusted application
+ <p>You can <a href="#sending_secure_commands">pass commands from a client application to a trusted application</a>, including <a href="#using_shared_memory">using shared memory blocks</a>.</p></li>
+</ul>
+
+<h2 id="prerequisites">Prerequisites</h2>
+<p>To enable your application to use the TEE communication functionality:</p>
+<ol>
+ <li>To make your application visible in the Tizen Store only for devices that support TEE communication, the application must specify the following feature in the <code>tizen-manifest.xml</code> file:
+
+<pre class="prettyprint">
+<feature name="http://tizen.org/feature/security.tee"/>
+</pre>
+
+<p>You can also check whether a device supports the Tizen.Security.TEEC namespace by using the <code>TryGetValue()</code> method of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1System_1_1SystemInfo.html">Tizen.System.SystemInfo</a> class and accordingly enabling or disabling the code requiring the namespace:</p>
+
+<pre class="prettyprint">
+const string TEEC_FEATURE_KEY = "http://tizen.org/feature/security.tee";
+bool ret;
+
+if (SystemInfo.TryGetValue<bool>(TEEC_FEATURE_KEY, out ret) == false)
+{
+ /// Error handling
+}
+</pre>
+
+<div class="note">
+<strong>Note</strong>
+In TV applications, you can test the TEE communication functionality on an emulator only. Most target devices do not currently support this feature.
+</div>
+</li>
+ <li>To use the methods and properties of the <a href="https://developer.tizen.org/dev-guide/csapi/namespaceTizen_1_1Security_1_1TEEC.html">Tizen.Security.TEEC</a> namespace, include it in your application:
+<pre class="prettyprint">
+using Tizen.Security.TEEC;
+</pre>
+ </li>
+ <li>Initialize a new TEEC context by creating an instance of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1Context.html">Tizen.Security.TEEC.Context</a> class:
+<pre class="prettyprint">
+Context ctx = new Context(null);
+</pre>
+<p>When it is no longer needed, destroy the TEEC context:</p>
+<pre class="prettyprint">
+ctx.Dispose();
+</pre>
+</li>
+
+</ol>
+
+<h2 id="connecting_applications">Connecting Applications</h2>
+<p>To communicate between applications, you must connect a client application to a trusted application by creating a session:</p>
+<ol>
+ <li>Open a session with the <code>OpenSession()</code> method of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1Context.html">Tizen.Security.TEEC.Context</a> class, which returns the session as a new instance of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1Session.html">Tizen.Security.TEEC.Session</a> class.
+<pre class="prettyprint">
+Guid ta_uuid = new Guid(" "); /// Trusted application GUID
+try
+{
+ Session ses = ctx.OpenSession(ta_uuid);
+</pre></li>
+ <li>When it is no longer needed, close the session with the <code>Close()</code> method of the <code>Tizen.Security.TEEC.Session</code> class:
+<pre class="prettyprint">
+ ses.Close();
+}
+catch (Exception e)
+{
+ /// Error handling
+}
+</pre></li>
+</ol>
+
+<h2 id="sending_secure_commands">Sending Secure Commands</h2>
+<p>After opening a session with a trusted application, a client application can execute functions in the trusted application by sending secure commands to the trusted application.</p>
+<p>To send function call commands:</p>
+<ul>
+ <li>To send a command for invoking a function without parameters, use the <code>InvokeCommand()</code> method of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1Session.html">Tizen.Security.TEEC.Session</a> class, with the first parameter identifying the function to be executed by the trusted application:
+<pre class="prettyprint">
+try
+{
+ ses.InvokeCommand(1, null);
+}
+catch (Exception e)
+{
+ /// Error handling
+}
+</pre></li>
+ <li>To send a command for invoking a function with simple integer parameters:
+ <ol>
+ <li>Create the parameters as new instances of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1Value.html">Tizen.Security.TEEC.Value</a> class:
+<pre class="prettyprint">
+try
+{
+ Value p1 = new Value(1, 2, TEFValueType.InOut);
+ Value p2 = new Value(10, 200, TEFValueType.InOut);
+</pre>
+ </li>
+ <li>Send the command to the trusted application with the <code>InvokeCommand()</code> method of the <code>Tizen.Security.TEEC.Session</code> class. The second parameter is a new instance of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1Parameter.html">Tizen.Security.TEEC.Parameter</a> class containing the 2 integer parameter values.
+<pre class="prettyprint">
+ ses.InvokeCommand(1, new Parameter[] {p1, p2});
+}
+catch (Exception e)
+{
+ /// Error handling
+}
+</pre>
+</li>
+ </ol>
+</li>
+ <li>To send a command for invoking a function with a local memory reference as a parameter:
+ <ol>
+ <li>Create a temporary memory reference as a new instance of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1TempMemoryReference.html">Tizen.Security.TEEC.TempMemoryReference</a> class:
+<pre class="prettyprint">
+try
+{
+ long val=10;
+ TempMemoryReference p1 = new TempMemoryReference((IntPtr)(&val), 1024, TEFTempMemoryType.InOut);
+</pre>
+</li>
+ <li>Send the command to the trusted application with the <code>InvokeCommand()</code> method of the <code>Tizen.Security.TEEC.Session</code> class. The second parameter is a new instance of the <code>Tizen.Security.TEEC.Parameter</code> class containing the memory reference.
+<pre class="prettyprint">
+ ses.InvokeCommand(1, new Parameter[] {p1});
+}
+catch (Exception e)
+{
+ /// Error handling
+}
+</pre>
+ </li>
+ </ol>
+ </li>
+
+</ul>
+
+<h2 id="using_shared_memory">Using Shared Memory</h2>
+<p>To share a memory block between a client application and a trusted application:</p>
+<ul>
+ <li>To send a function call command to the trusted application, including an allocated shared memory reference:
+ <ol>
+ <li>Allocate a new memory block as shared memory with the <code>AllocateSharedMemory()</code> method of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1Context.html">Tizen.Security.TEEC.Context</a> class, which returns the block as a new instance of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1SharedMemory.html">Tizen.Security.TEEC.SharedMemory</a> class:
+<pre class="prettyprint">
+try
+{
+ SharedMemory shm = ctx.AllocateSharedMemory(1024, SharedMemoryFlags.InOut);
+</pre>
+</li>
+ <li>Register a memory reference based on the shared memory block by creating a new instance of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1RegisteredMemoryReference.html">Tizen.Security.TEEC.RegisteredMemoryReference</a> class, and send the function call command to the trusted application with the <code>InvokeCommand()</code> method of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1Session.html">Tizen.Security.TEEC.Session</a> class. The registered memory reference is passed in a new instance of the <a href="https://developer.tizen.org/dev-guide/csapi/classTizen_1_1Security_1_1TEEC_1_1Parameter.html">Tizen.Security.TEEC.Parameter</a> class.
+<pre class="prettyprint">
+ RegisteredMemoryReference p1 = new RegisteredMemoryReference(shm, 1024, 0, RegisteredMemoryReference.InOut);
+ ses.InvokeCommand(1, new Parameter[] {p1});
+</pre>
+ </li>
+ <li>Release the shared memory:
+<pre class="prettyprint">
+ ctx.ReleaseSharedMemory(shm);
+}
+catch (Exception e)
+{
+ /// Error handling
+}
+</pre>
+ </li>
+ </ol></li>
+ <li>Send a function call command to the trusted application, including an external shared memory reference:
+ <ol>
+ <li>Register a block of existing client application memory as shared memory with the <code>RegisterSharedMemory()</code> method of the <code>Tizen.Security.TEEC.Context</code> class, which returns the block as a new instance of the <code>Tizen.Security.TEEC.SharedMemory</code> class:
+<pre class="prettyprint">
+try
+{
+ IntPtr memaddr = <Some memory address>;
+ SharedMemory shm = ctx.RegisterSharedMemory(memaddr, 1024, SharedMemoryFlags.InOut);
+</pre>
+ </li>
+ <li>Register a memory reference based on the shared memory block by creating a new instance of the <code>Tizen.Security.TEEC.RegisteredMemoryReference</code> class, and send the function call command to the trusted application with the <code>InvokeCommand()</code> method of the <code>Tizen.Security.TEEC.Session</code> class. The registered memory reference is passed in a new instance of the <code>Tizen.Security.TEEC.Parameter</code> class.
+<pre class="prettyprint">
+ RegisteredMemoryReference p1 = new RegisteredMemoryReference(shm, 1024, 0, RegisteredMemoryReference.InOut);
+ ses.InvokeCommand(1, new Parameter[] {p1});
+</pre>
+ </li>
+ <li>Release the shared memory:
+<pre class="prettyprint">
+ ctx.ReleaseSharedMemory(shm);
+}
+catch (Exception e)
+{
+ /// Error handling
+}
+</pre>
+ </li>
+ </ol>
+</li>
+</ul>
+
+
+<script type="text/javascript" src="../scripts/jquery.zclip.min.js"></script>
+<script type="text/javascript" src="../scripts/showhide.js"></script>
+</div></div></div>
+
+<a class="top sms" href="#"><img src="../images/btn_top.gif" alt="Go to top" /></a>
+
+<div id="footer">
+<p class="footer">Except as noted, this content - excluding the Code Examples - is licensed under <a href="http://creativecommons.org/licenses/by/3.0/legalcode" target="_blank">Creative Commons Attribution 3.0</a> and all of the Code Examples contained herein are licensed under <a href="https://www.tizen.org/bsd-3-clause-license" target="_blank">BSD-3-Clause</a>.<br/>For details, see the <a href="https://www.tizen.org/content-license" target="_blank">Content License</a>.</p>
+</div>
+
+<script type="text/javascript">
+var _gaq = _gaq || [];
+_gaq.push(['_setAccount', 'UA-25976949-1']);
+_gaq.push(['_trackPageview']);
+(function() {
+var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
+ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
+var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
+})();
+</script>
+
+</body>
+</html>
projects / sdk / online-doc.git / commitdiff
