Skip to content

Commit b980d46

Browse files
TheButlahTheButlah
authored
chore(secure-storage): set up cargo deb config for TA/CA (#866)
Just the config files, not any CI / scripting.
1 parent 8133e7f commit b980d46

File tree

3 files changed

+17
-1
lines changed

3 files changed

+17
-1
lines changed

optee/secure-storage/README.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,13 @@
11
# orb-optee-secure-storage
22

3-
A Rust implementation of an OP-TEE secure storage CLI. It implements a way to
3+
A Rust implementation of an OP-TEE secure storage API. It implements a way to
44
easily read/write to a persistent, encrypted binary file that is addressed by a
55
string key. Secure storage is ultimately backed by the jetson-fuse-derived
66
[secure storage key](SSK), so this binary does *not* interact with the secure element
77
at all - it merely requires /usr/persistent/tee to not be corrupted.
88

9+
It is accessible via either CLI or as a crate.
10+
911
## Motivation
1012

1113
Good security practices dictate that access to CAs should be as narrow/limited as possible.

optee/secure-storage/ca/Cargo.toml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,10 @@
11
[package]
22
name = "orb-secure-storage-ca"
33
version = "0.0.0"
4+
description = "CLI to talk to the orb-secure-storage TA"
5+
authors = ["Ryan Butler <[email protected]>"]
6+
publish = false
7+
48
edition.workspace = true
59
license.workspace = true
610
repository.workspace = true
@@ -26,3 +30,6 @@ unsupported_targets = [
2630
"x86_64-apple-darwin",
2731
"x86_64-unknown-linux-gnu",
2832
]
33+
34+
[package.metadata.deb]
35+
assets = [["target/release/orb-secure-storage-ca", "/usr/local/bin/", "755"]]

optee/secure-storage/ta/Cargo.toml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,10 @@
11
[package]
22
name = "orb-secure-storage-ta"
33
version = "0.0.0"
4+
authors = ["Ryan Butler <[email protected]>"]
5+
description = "orb-secure-storage TA"
6+
publish = false
7+
48
edition.workspace = true
59
license.workspace = true
610
repository.workspace = true
@@ -21,3 +25,6 @@ orb-secure-storage-proto.path = "../proto"
2125

2226
[package.metadata.orb-optee]
2327
uuid_path = "../uuid.txt"
28+
29+
[package.metadata.deb]
30+
assets = [["target/release/*.ta", "/usr/lib/optee_armtz/", "540"]]

0 commit comments

Comments
 (0)