Session Abstract

PKCS#11 specification allows standard security packages like OpenSSL to leverage data storage and keys management in backend secure systems.

During this session, we will present today's state of open source implementations of PKCS#11 tokens in OP-TEE environment. A trusted application handles the PKCS#11 services. A Linux use library interfaces the client application, possibly OpenSSL, with the trusted application. This presentation and the questions are planned for the about 1/2h.

Afterward we propose a deep dive in the source code, to explain and get feedback on some implementation details.

This session is a follow-up of HKG18-402.

Session Speakers

Etienne Carriere

ST sw engineer (STMicroelectronics)

Etienne Carrière is an embedded software engineer at STMicroelectronics currently assigned to the Linaro Security Working Group. He is working on boot and kernel layers on Linux based embedded systems since the beginning of the century and is involved in the OP-TEE project since 2013.

Rouven Czerwinski

Developer (Pengutronix e.K.)

At first building the lab grid hardware access layer, Rouven nowadays works on security solutions for embedded devices.