Remove RSA PKCS#1 v1.5 support from cert_tool

Support for PKCS#1 v1.5 was deprecated in SHA 1001202 and fully removed
in SHA fe199e3, however, cert_tool is still able to generate
certificates in tha

Remove RSA PKCS#1 v1.5 support from cert_tool

Support for PKCS#1 v1.5 was deprecated in SHA 1001202 and fully removed
in SHA fe199e3, however, cert_tool is still able to generate
certificates in that form. This patch fully removes the ability for
cert_tool to generate these certificates.

Additionally, this patch also fixes a bug where the issuing certificate
was a RSA and the issued certificate was EcDSA. In this case, the issued
certificate would be signed using PKCS#1 v1.5 instead of RSAPSS per
PKCS#1 v2.1, preventing TF-A from verifying the image signatures. Now
that PKCS#1 v1.5 support is removed, all certificates that are signed
with RSA now use the more modern padding scheme.

Change-Id: Id87d7d915be594a1876a73080528d968e65c4e9a
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Add cert_create tool support for RSA key sizes

cert_tool is now able to accept a command line option for specifying the
key size. It now supports the following options: 1024, 2048 (default),
3072 an

Add cert_create tool support for RSA key sizes

cert_tool is now able to accept a command line option for specifying the
key size. It now supports the following options: 1024, 2048 (default),
3072 and 4096. This is also modifiable by TFA using the build flag
KEY_SIZE.

Change-Id: Ifadecf84ade3763249ee8cc7123a8178f606f0e5
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Merge "Reduce the number of memory leaks in cert_create" into integration

Reduce the number of memory leaks in cert_create

The valgrind checks for cert_create have not been run in a long while -
as such there are a few memory leaks present. This patch fixes a few of
the m

Reduce the number of memory leaks in cert_create

The valgrind checks for cert_create have not been run in a long while -
as such there are a few memory leaks present. This patch fixes a few of
the major ones reported by valgrind. However, a few do remain.

Change-Id: Iab002fb2b0090043287d43fb54a4d18928c2ed85
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Merge pull request #1456 from robertovargas-arm/make_cert

make_cert: return error when invalid options are used

make_cert: return error when invalid options are used

Print_help was used in different contexts and returning no
error in that function was hiding the error when incorrect
options were used.

Change

make_cert: return error when invalid options are used

Print_help was used in different contexts and returning no
error in that function was hiding the error when incorrect
options were used.

Change-Id: Ic3f71748be7ff8440c9d54810b986e9f177f4439
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>

show more ...

Merge pull request #1165 from geesun/qx/support-sha512

Add support sha512 for hash algorithm

tools: add an option -hash-alg for cert_create

This option enables the user to select the secure hash algorithm
to be used for generating the hash. It supports the following
options:
- sha256 (d

tools: add an option -hash-alg for cert_create

This option enables the user to select the secure hash algorithm
to be used for generating the hash. It supports the following
options:
- sha256 (default)
- sha384
- sha512

Change-Id: Icb093cec1b5715e248c3d1c3749a2479a7ab4b89
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>

show more ...

Merge pull request #1120 from michpappas/tf-issues#521_cert_tool_does_not_build_with_openssl_v1.1

cert_tool: update for compatibility with OpenSSL v1.1

cert_tool: update for compatibility with OpenSSL v1.1

This patch fixes incompatibility issues that prevent building the cert_tool
with OpenSSL >= v1.1.0. The changes introduced are still backwards
c

cert_tool: update for compatibility with OpenSSL v1.1

This patch fixes incompatibility issues that prevent building the cert_tool
with OpenSSL >= v1.1.0. The changes introduced are still backwards
compatible with OpenSSL v1.0.2.

Fixes arm-software/trusted-fw#521

Signed-off-by: Michalis Pappas <mpappas@fastmail.fm>

show more ...

Merge pull request #1080 from soby-mathew/eb/RSA-PKCS1-5_support_1

Support legacy RSA PKCS#1 v1.5 in cert create

cert_tool: Support for legacy RSA PKCS#1 v1.5

This patch enables choice of RSA version at run time to be used for
generating signatures by the cert_tool. The RSA PSS as defined in
PKCS#1 v2.1 become

cert_tool: Support for legacy RSA PKCS#1 v1.5

This patch enables choice of RSA version at run time to be used for
generating signatures by the cert_tool. The RSA PSS as defined in
PKCS#1 v2.1 becomes the default version and this patch enables to specify
the RSA PKCS#1 v1.5 algorithm to `cert_create` through the command line
-a option. Also, the build option `KEY_ALG` can be used to pass this
option from the build system. Please note that RSA PSS is mandated
by Trusted Board Boot requirements (TBBR) and legacy RSA support is
being added for compatibility reasons.

Fixes ARM-Software/tf-issues#499
Change-Id: Ifaa3f2f7c9b43f3d7b3effe2cde76bf6745a5d73
Co-Authored-By: Eleanor Bonnici <Eleanor.bonnici@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>

show more ...

Merge pull request #1029 from islmit01/im/fix_includes

Fix order of includes

Fix order of #includes

This fix modifies the order of system includes to meet the ARM TF coding
standard. There are some exceptions in order to retain header groupings,
minimise changes to imported

Fix order of #includes

This fix modifies the order of system includes to meet the ARM TF coding
standard. There are some exceptions in order to retain header groupings,
minimise changes to imported headers, and where there are headers within
the #if and #ifndef statements.

Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>

show more ...

Merge pull request #938 from masahir0y/tools_share

Collect headers shared between TF and host-tools into include/tools_share

cert: move platform_oid.h to include/tools_share for all platforms

Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide a

cert: move platform_oid.h to include/tools_share for all platforms

Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide any
value (at least technically).

For easier use of TBBR, this commit allows platforms to reuse the OIDs
obtained by ARM Ltd. This will be useful for non-ARM vendors that
do not need their own extension fields in their certificate files.

The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h

Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the
backward compatibility.

For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Merge pull request #925 from dp-arm/dp/spdx

Use SPDX license identifiers

Use SPDX license identifiers

To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.

NOTE: Files that have been imported by

Use SPDX license identifiers

To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.

NOTE: Files that have been imported by FreeBSD have not been modified.

[0]: https://spdx.org/

Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

show more ...

Merge pull request #833 from masahir0y/cert_create

Bug fix and cleanup of cert_create tool

cert_create: remove unneeded initializers

These variables store return values of functions. Remove all of
meaningless initializers.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

cert_create: fix memory leak bug caused by key container overwrite

In the current code, both key_load() and key_create() call key_new()
to allocate a key container (and they do not free it even if t

cert_create: fix memory leak bug caused by key container overwrite

In the current code, both key_load() and key_create() call key_new()
to allocate a key container (and they do not free it even if they
fail). If a specific key is not given by the command option,
key_load() fails, then key_create() is called. At this point, the
key container that has been allocated in key_load() is still alive,
and it is overwritten by a new key container created by key_create().

Move the key_new() call to the main() function to make sure it is
called just once for each descriptor.

While we are here, let's fix one more bug; the error handling code
ERROR("Malloc error while loading '%s'\n", keys[i].fn);
is wrong because keys[i].fn is NULL pointer unless a specific key is
given by the command option. This code could be run in either case.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

show more ...

Merge pull request #657 from yatharth-arm/yk/genfw-1505

Fix `cert_create` tool for Segmentation fault

Fix `cert_create` tool for Segmentation fault

With the introduction of commit `96103d5a`, the Certificate
Generation tool is not able to generate FWU certificate and
while doing so it does segmentat

Fix `cert_create` tool for Segmentation fault

With the introduction of commit `96103d5a`, the Certificate
Generation tool is not able to generate FWU certificate and
while doing so it does segmentation fault.

This happens because it is now required to pass non-volatile
counter values to the `cert_create` tool from the command line
for creating the trusted firmware certificates.

But in case of creating FWU certificate these counter values are not
being passed to the tool and as a consequence the `cert_create` tool
try to use the NULL argument and errors out with Segmentation fault.

This patch fixes this issue by providing a check before using the
command line argument passed in the case of `EXT_TYPE_NVCOUNTER`
certificate extension.

Change-Id: Ie17d0c1502b52aaa8500f3659c2da2448ab0347a

show more ...

Merge pull request #572 from jcastillo-arm/jc/tbb_nvcounter

TBB NVcounter support

cert_create: add non-volatile counter support

This patch adds non-volatile counter support to the Certificate
Generation tool. The TBBR Chain of Trust definition in the tool
has been extended to inc

cert_create: add non-volatile counter support

This patch adds non-volatile counter support to the Certificate
Generation tool. The TBBR Chain of Trust definition in the tool
has been extended to include the counters as certificate extensions.
The counter values can be specified in the command line.

The following default counter values are specified in the build
system:

* Trusted FW Non-Volatile counter = 0
* Non-Trusted FW Non-Volatile counter = 0

These values can be overridden by the platform at build time.

Change-Id: I7ea10ee78d72748d181df4ee78a7169b3ef2720c

show more ...