From: Editor Lionbridge
Date: Wed, 14 Jun 2017 11:03:37 +0000 (+0300)
Subject: Add .NET Libteec Guide
X-Git-Tag: GitHub/PR#40/tizen-studio~46^2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F71%2F134071%2F6;p=sdk%2Fonline-doc.git

Add .NET Libteec Guide

Note that since the general structure of the .NET content is still open, the new topic has not been added to any index files, and there is no parent topic introducing the .NET guides. Also, since there is no .NET AR content in git, all AR links lead directly to TD.

PS2: Prerequisites updated based on comments
PS3: Copy-paste fix
PS4: Updated with AR links, since the AR content became available
PS5: Changed the order of the prerequisites section to be consistent with other .NET content.
PS6: Removed "building dependency" prerequisite as per comments.

Change-Id: Idce756fd83c1da853c76202dabb5df1552c7159c
---
diff --git a/org.tizen.guides/html/dotnet/libteec.htm b/org.tizen.guides/html/dotnet/libteec.htm new file mode 100644 index 0000000..5966c05 --- /dev/null +++ b/org.tizen.guides/html/dotnet/libteec.htm @@ -0,0 +1,269 @@ + + + + + + + + + + + + + + TEE Communication + + + + +
+
+

Mobile C# TV C#

+
+ +
+

Dependencies

+
    +
  • Tizen 4.0 and Higher for Mobile and TV
  • +
+

Content

+ +

Related Info

+ +
+
+ +
+ +

TEE Communication

+

You can create secure communications by executing your application in a trusted execution environment (TEE), and communicating with other applications within that environment. To implement TEE communication, you can use the libteec API, which is based on the GlobalPlatform® TEE Client API.

+ +

You can run applications in 2 environments: a rich world (like Linux) with client applications (CA) and a secure world with trusted applications (TA).

+ +

Figure: TEE communication architecture

+

TEE communication architecture

+ +

The main features of the Tizen.Security.TEEC namespace include:

+ + +

Prerequisites

+

To enable your application to use the TEE communication functionality:

+
    +
  1. To make your application visible in the Tizen Store only for devices that support TEE communication, the application must specify the following feature in the tizen-manifest.xml file: + +
    +<feature name="http://tizen.org/feature/security.tee"/>
    +
    + +

    You can also check whether a device supports the Tizen.Security.TEEC namespace by using the TryGetValue() method of the Tizen.System.SystemInfo class and accordingly enabling or disabling the code requiring the namespace:

    + +
    +const string TEEC_FEATURE_KEY = "http://tizen.org/feature/security.tee";
    +bool ret;
    +
    +if (SystemInfo.TryGetValue<bool>(TEEC_FEATURE_KEY, out ret) == false)
    +{
    +    /// Error handling
    +}
    +
    + +
    +Note +In TV applications, you can test the TEE communication functionality on an emulator only. Most target devices do not currently support this feature. +
    +
  2. +
  3. To use the methods and properties of the Tizen.Security.TEEC namespace, include it in your application: +
    +using Tizen.Security.TEEC;
    +
    +
  4. +
  5. Initialize a new TEEC context by creating an instance of the Tizen.Security.TEEC.Context class: +
    +Context ctx = new Context(null);
    +
    +

    When it is no longer needed, destroy the TEEC context:

    +
    +ctx.Dispose();
    +
    +
  6. + +
+ +

Connecting Applications

+

To communicate between applications, you must connect a client application to a trusted application by creating a session:

+
    +
  1. Open a session with the OpenSession() method of the Tizen.Security.TEEC.Context class, which returns the session as a new instance of the Tizen.Security.TEEC.Session class. +
    +Guid ta_uuid = new Guid("  "); /// Trusted application GUID
    +try
    +{
    +    Session ses = ctx.OpenSession(ta_uuid);
    +
  2. +
  3. When it is no longer needed, close the session with the Close() method of the Tizen.Security.TEEC.Session class: +
    +    ses.Close();
    +}
    +catch (Exception e)
    +{
    +    /// Error handling
    +}
    +
  4. +
+ +

Sending Secure Commands

+

After opening a session with a trusted application, a client application can execute functions in the trusted application by sending secure commands to the trusted application.

+

To send function call commands:

+
    +
  • To send a command for invoking a function without parameters, use the InvokeCommand() method of the Tizen.Security.TEEC.Session class, with the first parameter identifying the function to be executed by the trusted application: +
    +try
    +{
    +    ses.InvokeCommand(1, null);
    +}
    +catch (Exception e)
    +{
    +    /// Error handling
    +}
    +
  • +
  • To send a command for invoking a function with simple integer parameters: +
      +
    1. Create the parameters as new instances of the Tizen.Security.TEEC.Value class: +
      +try
      +{
      +    Value p1 = new Value(1, 2, TEFValueType.InOut);
      +    Value p2 = new Value(10, 200, TEFValueType.InOut);
      +
      +
    2. +
    3. Send the command to the trusted application with the InvokeCommand() method of the Tizen.Security.TEEC.Session class. The second parameter is a new instance of the Tizen.Security.TEEC.Parameter class containing the 2 integer parameter values. +
      +    ses.InvokeCommand(1, new Parameter[] {p1, p2});
      +}
      +catch (Exception e)
      +{
      +    /// Error handling
      +}
      +
      +
    4. +
    +
  • +
  • To send a command for invoking a function with a local memory reference as a parameter: +
      +
    1. Create a temporary memory reference as a new instance of the Tizen.Security.TEEC.TempMemoryReference class: +
      +try
      +{
      +    long val=10;
      +    TempMemoryReference p1 = new TempMemoryReference((IntPtr)(&val), 1024, TEFTempMemoryType.InOut);
      +
      +
    2. +
    3. Send the command to the trusted application with the InvokeCommand() method of the Tizen.Security.TEEC.Session class. The second parameter is a new instance of the Tizen.Security.TEEC.Parameter class containing the memory reference. +
      +    ses.InvokeCommand(1, new Parameter[] {p1});
      +}
      +catch (Exception e)
      +{
      +    /// Error handling
      +}
      +
      +
    4. +
    +
  • + +
+ +

Using Shared Memory

+

To share a memory block between a client application and a trusted application:

+
    +
  • To send a function call command to the trusted application, including an allocated shared memory reference: +
      +
    1. Allocate a new memory block as shared memory with the AllocateSharedMemory() method of the Tizen.Security.TEEC.Context class, which returns the block as a new instance of the Tizen.Security.TEEC.SharedMemory class: +
      +try
      +{
      +    SharedMemory shm = ctx.AllocateSharedMemory(1024, SharedMemoryFlags.InOut);
      +
      +
    2. +
    3. Register a memory reference based on the shared memory block by creating a new instance of the Tizen.Security.TEEC.RegisteredMemoryReference class, and send the function call command to the trusted application with the InvokeCommand() method of the Tizen.Security.TEEC.Session class. The registered memory reference is passed in a new instance of the Tizen.Security.TEEC.Parameter class. +
      +    RegisteredMemoryReference p1 = new RegisteredMemoryReference(shm, 1024, 0, RegisteredMemoryReference.InOut);
      +    ses.InvokeCommand(1, new Parameter[] {p1});
      +
      +
    4. +
    5. Release the shared memory: +
      +    ctx.ReleaseSharedMemory(shm);
      +}
      +catch (Exception e)
      +{
      +    /// Error handling
      +}
      +
      +
    6. +
  • +
  • Send a function call command to the trusted application, including an external shared memory reference: +
      +
    1. Register a block of existing client application memory as shared memory with the RegisterSharedMemory() method of the Tizen.Security.TEEC.Context class, which returns the block as a new instance of the Tizen.Security.TEEC.SharedMemory class: +
      +try
      +{
      +    IntPtr memaddr = <Some memory address>;
      +    SharedMemory shm = ctx.RegisterSharedMemory(memaddr, 1024, SharedMemoryFlags.InOut);
      +
      +
    2. +
    3. Register a memory reference based on the shared memory block by creating a new instance of the Tizen.Security.TEEC.RegisteredMemoryReference class, and send the function call command to the trusted application with the InvokeCommand() method of the Tizen.Security.TEEC.Session class. The registered memory reference is passed in a new instance of the Tizen.Security.TEEC.Parameter class. +
      +    RegisteredMemoryReference p1 = new RegisteredMemoryReference(shm, 1024, 0, RegisteredMemoryReference.InOut);
      +    ses.InvokeCommand(1, new Parameter[] {p1});
      +
      +
    4. +
    5. Release the shared memory: +
      +    ctx.ReleaseSharedMemory(shm);
      +}
      +catch (Exception e)
      +{
      +    /// Error handling
      +}
      +
      +
    6. +
    +
  • +
+ + + + +
+ +Go to top + + + + + + + diff --git a/org.tizen.guides/html/images/libteec_architecture.png b/org.tizen.guides/html/images/libteec_architecture.png new file mode 100644 index 0000000..e60c0d8 Binary files /dev/null and b/org.tizen.guides/html/images/libteec_architecture.png differ
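Review bot: In the "Sending Secure Commands" sample for a local memory reference, new TempMemoryReference((IntPtr)(&val), 1024, TEFTempMemoryType.InOut) declares a 1024-byte in/out region over long val, which is 8 bytes, so the trusted application is given read and write access to client stack memory well past the variable. Please back the reference with a buffer that is really as large as the size argument (or pass the true size of the object), and show the unsafe context or pinning that taking &val requires, since readers will copy this sample as is. In Prerequisites, the condition SystemInfo.TryGetValue<bool>(TEEC_FEATURE_KEY, out ret) == false only tests whether the key could be read; ret itself is never checked, so a device that reports the feature as false still takes the "supported" path, and the snippet also needs the Tizen.System namespace, which is not shown. In the session and shared memory samples, ses.Close() and ctx.ReleaseSharedMemory(shm) sit inside the try body, so they are skipped whenever InvokeCommand() throws; moving them to a finally block (or showing using/Dispose) would keep the samples from teaching a leak of TEE sessions and shared memory. Finally, both RegisteredMemoryReference constructors pass RegisteredMemoryReference.InOut as the access flag, naming the class itself where the other samples use a dedicated enumeration (TEFValueType.InOut, TEFTempMemoryType.InOut); please confirm the intended type against the API reference.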