doc: describe the scp03 command

The Secure Channel Protocol 03 command sends control requests (enable/provision) to the TEE implementing the protocol between the processor and the secure element. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Simon Glass <sjg@chromium.org>
2021-02-14 16:27:26 +01:00 · 2021-02-14 16:27:26 +01:00 · ffd8483b3c
parent 5a8783c80c
commit ffd8483b3c
2 changed files with 34 additions and 0 deletions
--- a/doc/usage/index.rst
+++ b/doc/usage/index.rst
@ -33,3 +33,4 @@ Shell commands
   qfw
   sbi
   true
+   scp03
--- a/doc/usage/scp03.rst
+++ b/doc/usage/scp03.rst
@ -0,0 +1,33 @@
+.. SPDX-License-Identifier: GPL-2.0+
+
+scp03 command
+=============
+
+Synopsis
+--------
+
+::
+
+    scp03 enable
+    scp03 provision
+
+Description
+-----------
+
+The *scp03* command calls into a Trusted Application executing in a
+Trusted Execution Environment to enable (if present) the Secure
+Channel Protocol 03 stablished between the processor and the secure
+element.
+
+This protocol encrypts all the communication between the processor and
+the secure element using a set of pre-defined keys. These keys can be
+rotated (provisioned) using the *provision* request.
+
+See also
+--------
+
+For some information on the internals implemented in the TEE, please
+check the GlobalPlatform documentation on `Secure Channel Protocol '03'`_
+
+.. _Secure Channel Protocol '03':
+   https://globalplatform.org/wp-content/uploads/2014/07/GPC_2.3_D_SCP03_v1.1.2_PublicRelease.pdf