1ad43c49eSManish V Badarkhe /* 2ad43c49eSManish V Badarkhe * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved. 3ad43c49eSManish V Badarkhe * 4ad43c49eSManish V Badarkhe * SPDX-License-Identifier: BSD-3-Clause 5ad43c49eSManish V Badarkhe */ 6ad43c49eSManish V Badarkhe 7ad43c49eSManish V Badarkhe #include <stddef.h> 8ad43c49eSManish V Badarkhe 9ad43c49eSManish V Badarkhe #include <platform_def.h> 10ad43c49eSManish V Badarkhe #include <drivers/auth/mbedtls/mbedtls_config.h> 11ad43c49eSManish V Badarkhe 12ad43c49eSManish V Badarkhe #include <drivers/auth/auth_mod.h> 13ad43c49eSManish V Badarkhe #include <drivers/auth/tbbr_cot_common.h> 14ad43c49eSManish V Badarkhe #if USE_TBBR_DEFS 15ad43c49eSManish V Badarkhe #include <tools_share/tbbr_oid.h> 16ad43c49eSManish V Badarkhe #else 17ad43c49eSManish V Badarkhe #include <platform_oid.h> 18ad43c49eSManish V Badarkhe #endif 19ad43c49eSManish V Badarkhe 20ad43c49eSManish V Badarkhe static unsigned char soc_fw_hash_buf[HASH_DER_LEN]; 21ad43c49eSManish V Badarkhe static unsigned char tos_fw_hash_buf[HASH_DER_LEN]; 22ad43c49eSManish V Badarkhe static unsigned char tos_fw_extra1_hash_buf[HASH_DER_LEN]; 23ad43c49eSManish V Badarkhe static unsigned char tos_fw_extra2_hash_buf[HASH_DER_LEN]; 24ad43c49eSManish V Badarkhe static unsigned char trusted_world_pk_buf[PK_DER_LEN]; 25ad43c49eSManish V Badarkhe static unsigned char non_trusted_world_pk_buf[PK_DER_LEN]; 26ad43c49eSManish V Badarkhe static unsigned char content_pk_buf[PK_DER_LEN]; 27ad43c49eSManish V Badarkhe static unsigned char soc_fw_config_hash_buf[HASH_DER_LEN]; 28ad43c49eSManish V Badarkhe static unsigned char tos_fw_config_hash_buf[HASH_DER_LEN]; 29ad43c49eSManish V Badarkhe static unsigned char nt_fw_config_hash_buf[HASH_DER_LEN]; 30*68758dd6SManish Pandey #if defined(SPD_spmd) 31*68758dd6SManish Pandey static unsigned char sp_pkg_hash_buf[MAX_SP_IDS][HASH_DER_LEN]; 32*68758dd6SManish Pandey #endif /* SPD_spmd */ 33ad43c49eSManish V Badarkhe 34ad43c49eSManish V Badarkhe static auth_param_type_desc_t non_trusted_nv_ctr = AUTH_PARAM_TYPE_DESC( 35ad43c49eSManish V Badarkhe AUTH_PARAM_NV_CTR, NON_TRUSTED_FW_NVCOUNTER_OID); 36ad43c49eSManish V Badarkhe static auth_param_type_desc_t trusted_world_pk = AUTH_PARAM_TYPE_DESC( 37ad43c49eSManish V Badarkhe AUTH_PARAM_PUB_KEY, TRUSTED_WORLD_PK_OID); 38ad43c49eSManish V Badarkhe static auth_param_type_desc_t non_trusted_world_pk = AUTH_PARAM_TYPE_DESC( 39ad43c49eSManish V Badarkhe AUTH_PARAM_PUB_KEY, NON_TRUSTED_WORLD_PK_OID); 40ad43c49eSManish V Badarkhe static auth_param_type_desc_t scp_fw_content_pk = AUTH_PARAM_TYPE_DESC( 41ad43c49eSManish V Badarkhe AUTH_PARAM_PUB_KEY, SCP_FW_CONTENT_CERT_PK_OID); 42ad43c49eSManish V Badarkhe static auth_param_type_desc_t soc_fw_content_pk = AUTH_PARAM_TYPE_DESC( 43ad43c49eSManish V Badarkhe AUTH_PARAM_PUB_KEY, SOC_FW_CONTENT_CERT_PK_OID); 44ad43c49eSManish V Badarkhe static auth_param_type_desc_t tos_fw_content_pk = AUTH_PARAM_TYPE_DESC( 45ad43c49eSManish V Badarkhe AUTH_PARAM_PUB_KEY, TRUSTED_OS_FW_CONTENT_CERT_PK_OID); 46ad43c49eSManish V Badarkhe static auth_param_type_desc_t nt_fw_content_pk = AUTH_PARAM_TYPE_DESC( 47ad43c49eSManish V Badarkhe AUTH_PARAM_PUB_KEY, NON_TRUSTED_FW_CONTENT_CERT_PK_OID); 48ad43c49eSManish V Badarkhe static auth_param_type_desc_t scp_fw_hash = AUTH_PARAM_TYPE_DESC( 49ad43c49eSManish V Badarkhe AUTH_PARAM_HASH, SCP_FW_HASH_OID); 50ad43c49eSManish V Badarkhe static auth_param_type_desc_t soc_fw_hash = AUTH_PARAM_TYPE_DESC( 51ad43c49eSManish V Badarkhe AUTH_PARAM_HASH, SOC_AP_FW_HASH_OID); 52ad43c49eSManish V Badarkhe static auth_param_type_desc_t soc_fw_config_hash = AUTH_PARAM_TYPE_DESC( 53ad43c49eSManish V Badarkhe AUTH_PARAM_HASH, SOC_FW_CONFIG_HASH_OID); 54ad43c49eSManish V Badarkhe static auth_param_type_desc_t tos_fw_hash = AUTH_PARAM_TYPE_DESC( 55ad43c49eSManish V Badarkhe AUTH_PARAM_HASH, TRUSTED_OS_FW_HASH_OID); 56ad43c49eSManish V Badarkhe static auth_param_type_desc_t tos_fw_config_hash = AUTH_PARAM_TYPE_DESC( 57ad43c49eSManish V Badarkhe AUTH_PARAM_HASH, TRUSTED_OS_FW_CONFIG_HASH_OID); 58ad43c49eSManish V Badarkhe static auth_param_type_desc_t tos_fw_extra1_hash = AUTH_PARAM_TYPE_DESC( 59ad43c49eSManish V Badarkhe AUTH_PARAM_HASH, TRUSTED_OS_FW_EXTRA1_HASH_OID); 60ad43c49eSManish V Badarkhe static auth_param_type_desc_t tos_fw_extra2_hash = AUTH_PARAM_TYPE_DESC( 61ad43c49eSManish V Badarkhe AUTH_PARAM_HASH, TRUSTED_OS_FW_EXTRA2_HASH_OID); 62ad43c49eSManish V Badarkhe static auth_param_type_desc_t nt_world_bl_hash = AUTH_PARAM_TYPE_DESC( 63ad43c49eSManish V Badarkhe AUTH_PARAM_HASH, NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID); 64ad43c49eSManish V Badarkhe static auth_param_type_desc_t nt_fw_config_hash = AUTH_PARAM_TYPE_DESC( 65ad43c49eSManish V Badarkhe AUTH_PARAM_HASH, NON_TRUSTED_FW_CONFIG_HASH_OID); 66*68758dd6SManish Pandey #if defined(SPD_spmd) 67*68758dd6SManish Pandey static auth_param_type_desc_t sp_pkg1_hash = AUTH_PARAM_TYPE_DESC( 68*68758dd6SManish Pandey AUTH_PARAM_HASH, SP_PKG1_HASH_OID); 69*68758dd6SManish Pandey static auth_param_type_desc_t sp_pkg2_hash = AUTH_PARAM_TYPE_DESC( 70*68758dd6SManish Pandey AUTH_PARAM_HASH, SP_PKG2_HASH_OID); 71*68758dd6SManish Pandey static auth_param_type_desc_t sp_pkg3_hash = AUTH_PARAM_TYPE_DESC( 72*68758dd6SManish Pandey AUTH_PARAM_HASH, SP_PKG3_HASH_OID); 73*68758dd6SManish Pandey static auth_param_type_desc_t sp_pkg4_hash = AUTH_PARAM_TYPE_DESC( 74*68758dd6SManish Pandey AUTH_PARAM_HASH, SP_PKG4_HASH_OID); 75*68758dd6SManish Pandey static auth_param_type_desc_t sp_pkg5_hash = AUTH_PARAM_TYPE_DESC( 76*68758dd6SManish Pandey AUTH_PARAM_HASH, SP_PKG5_HASH_OID); 77*68758dd6SManish Pandey static auth_param_type_desc_t sp_pkg6_hash = AUTH_PARAM_TYPE_DESC( 78*68758dd6SManish Pandey AUTH_PARAM_HASH, SP_PKG6_HASH_OID); 79*68758dd6SManish Pandey static auth_param_type_desc_t sp_pkg7_hash = AUTH_PARAM_TYPE_DESC( 80*68758dd6SManish Pandey AUTH_PARAM_HASH, SP_PKG7_HASH_OID); 81*68758dd6SManish Pandey static auth_param_type_desc_t sp_pkg8_hash = AUTH_PARAM_TYPE_DESC( 82*68758dd6SManish Pandey AUTH_PARAM_HASH, SP_PKG8_HASH_OID); 83*68758dd6SManish Pandey #endif /* SPD_spmd */ 84ad43c49eSManish V Badarkhe 85ad43c49eSManish V Badarkhe /* 86ad43c49eSManish V Badarkhe * Trusted key certificate 87ad43c49eSManish V Badarkhe */ 88ad43c49eSManish V Badarkhe static const auth_img_desc_t trusted_key_cert = { 89ad43c49eSManish V Badarkhe .img_id = TRUSTED_KEY_CERT_ID, 90ad43c49eSManish V Badarkhe .img_type = IMG_CERT, 91ad43c49eSManish V Badarkhe .parent = NULL, 92ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 93ad43c49eSManish V Badarkhe [0] = { 94ad43c49eSManish V Badarkhe .type = AUTH_METHOD_SIG, 95ad43c49eSManish V Badarkhe .param.sig = { 96ad43c49eSManish V Badarkhe .pk = &subject_pk, 97ad43c49eSManish V Badarkhe .sig = &sig, 98ad43c49eSManish V Badarkhe .alg = &sig_alg, 99ad43c49eSManish V Badarkhe .data = &raw_data 100ad43c49eSManish V Badarkhe } 101ad43c49eSManish V Badarkhe }, 102ad43c49eSManish V Badarkhe [1] = { 103ad43c49eSManish V Badarkhe .type = AUTH_METHOD_NV_CTR, 104ad43c49eSManish V Badarkhe .param.nv_ctr = { 105ad43c49eSManish V Badarkhe .cert_nv_ctr = &trusted_nv_ctr, 106ad43c49eSManish V Badarkhe .plat_nv_ctr = &trusted_nv_ctr 107ad43c49eSManish V Badarkhe } 108ad43c49eSManish V Badarkhe } 109ad43c49eSManish V Badarkhe }, 110ad43c49eSManish V Badarkhe .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 111ad43c49eSManish V Badarkhe [0] = { 112ad43c49eSManish V Badarkhe .type_desc = &trusted_world_pk, 113ad43c49eSManish V Badarkhe .data = { 114ad43c49eSManish V Badarkhe .ptr = (void *)trusted_world_pk_buf, 115ad43c49eSManish V Badarkhe .len = (unsigned int)PK_DER_LEN 116ad43c49eSManish V Badarkhe } 117ad43c49eSManish V Badarkhe }, 118ad43c49eSManish V Badarkhe [1] = { 119ad43c49eSManish V Badarkhe .type_desc = &non_trusted_world_pk, 120ad43c49eSManish V Badarkhe .data = { 121ad43c49eSManish V Badarkhe .ptr = (void *)non_trusted_world_pk_buf, 122ad43c49eSManish V Badarkhe .len = (unsigned int)PK_DER_LEN 123ad43c49eSManish V Badarkhe } 124ad43c49eSManish V Badarkhe } 125ad43c49eSManish V Badarkhe } 126ad43c49eSManish V Badarkhe }; 127ad43c49eSManish V Badarkhe /* 128ad43c49eSManish V Badarkhe * SCP Firmware 129ad43c49eSManish V Badarkhe */ 130ad43c49eSManish V Badarkhe static const auth_img_desc_t scp_fw_key_cert = { 131ad43c49eSManish V Badarkhe .img_id = SCP_FW_KEY_CERT_ID, 132ad43c49eSManish V Badarkhe .img_type = IMG_CERT, 133ad43c49eSManish V Badarkhe .parent = &trusted_key_cert, 134ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 135ad43c49eSManish V Badarkhe [0] = { 136ad43c49eSManish V Badarkhe .type = AUTH_METHOD_SIG, 137ad43c49eSManish V Badarkhe .param.sig = { 138ad43c49eSManish V Badarkhe .pk = &trusted_world_pk, 139ad43c49eSManish V Badarkhe .sig = &sig, 140ad43c49eSManish V Badarkhe .alg = &sig_alg, 141ad43c49eSManish V Badarkhe .data = &raw_data 142ad43c49eSManish V Badarkhe } 143ad43c49eSManish V Badarkhe }, 144ad43c49eSManish V Badarkhe [1] = { 145ad43c49eSManish V Badarkhe .type = AUTH_METHOD_NV_CTR, 146ad43c49eSManish V Badarkhe .param.nv_ctr = { 147ad43c49eSManish V Badarkhe .cert_nv_ctr = &trusted_nv_ctr, 148ad43c49eSManish V Badarkhe .plat_nv_ctr = &trusted_nv_ctr 149ad43c49eSManish V Badarkhe } 150ad43c49eSManish V Badarkhe } 151ad43c49eSManish V Badarkhe }, 152ad43c49eSManish V Badarkhe .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 153ad43c49eSManish V Badarkhe [0] = { 154ad43c49eSManish V Badarkhe .type_desc = &scp_fw_content_pk, 155ad43c49eSManish V Badarkhe .data = { 156ad43c49eSManish V Badarkhe .ptr = (void *)content_pk_buf, 157ad43c49eSManish V Badarkhe .len = (unsigned int)PK_DER_LEN 158ad43c49eSManish V Badarkhe } 159ad43c49eSManish V Badarkhe } 160ad43c49eSManish V Badarkhe } 161ad43c49eSManish V Badarkhe }; 162ad43c49eSManish V Badarkhe static const auth_img_desc_t scp_fw_content_cert = { 163ad43c49eSManish V Badarkhe .img_id = SCP_FW_CONTENT_CERT_ID, 164ad43c49eSManish V Badarkhe .img_type = IMG_CERT, 165ad43c49eSManish V Badarkhe .parent = &scp_fw_key_cert, 166ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 167ad43c49eSManish V Badarkhe [0] = { 168ad43c49eSManish V Badarkhe .type = AUTH_METHOD_SIG, 169ad43c49eSManish V Badarkhe .param.sig = { 170ad43c49eSManish V Badarkhe .pk = &scp_fw_content_pk, 171ad43c49eSManish V Badarkhe .sig = &sig, 172ad43c49eSManish V Badarkhe .alg = &sig_alg, 173ad43c49eSManish V Badarkhe .data = &raw_data 174ad43c49eSManish V Badarkhe } 175ad43c49eSManish V Badarkhe }, 176ad43c49eSManish V Badarkhe [1] = { 177ad43c49eSManish V Badarkhe .type = AUTH_METHOD_NV_CTR, 178ad43c49eSManish V Badarkhe .param.nv_ctr = { 179ad43c49eSManish V Badarkhe .cert_nv_ctr = &trusted_nv_ctr, 180ad43c49eSManish V Badarkhe .plat_nv_ctr = &trusted_nv_ctr 181ad43c49eSManish V Badarkhe } 182ad43c49eSManish V Badarkhe } 183ad43c49eSManish V Badarkhe }, 184ad43c49eSManish V Badarkhe .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 185ad43c49eSManish V Badarkhe [0] = { 186ad43c49eSManish V Badarkhe .type_desc = &scp_fw_hash, 187ad43c49eSManish V Badarkhe .data = { 188ad43c49eSManish V Badarkhe .ptr = (void *)scp_fw_hash_buf, 189ad43c49eSManish V Badarkhe .len = (unsigned int)HASH_DER_LEN 190ad43c49eSManish V Badarkhe } 191ad43c49eSManish V Badarkhe } 192ad43c49eSManish V Badarkhe } 193ad43c49eSManish V Badarkhe }; 194ad43c49eSManish V Badarkhe static const auth_img_desc_t scp_bl2_image = { 195ad43c49eSManish V Badarkhe .img_id = SCP_BL2_IMAGE_ID, 196ad43c49eSManish V Badarkhe .img_type = IMG_RAW, 197ad43c49eSManish V Badarkhe .parent = &scp_fw_content_cert, 198ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 199ad43c49eSManish V Badarkhe [0] = { 200ad43c49eSManish V Badarkhe .type = AUTH_METHOD_HASH, 201ad43c49eSManish V Badarkhe .param.hash = { 202ad43c49eSManish V Badarkhe .data = &raw_data, 203ad43c49eSManish V Badarkhe .hash = &scp_fw_hash 204ad43c49eSManish V Badarkhe } 205ad43c49eSManish V Badarkhe } 206ad43c49eSManish V Badarkhe } 207ad43c49eSManish V Badarkhe }; 208ad43c49eSManish V Badarkhe /* 209ad43c49eSManish V Badarkhe * SoC Firmware 210ad43c49eSManish V Badarkhe */ 211ad43c49eSManish V Badarkhe static const auth_img_desc_t soc_fw_key_cert = { 212ad43c49eSManish V Badarkhe .img_id = SOC_FW_KEY_CERT_ID, 213ad43c49eSManish V Badarkhe .img_type = IMG_CERT, 214ad43c49eSManish V Badarkhe .parent = &trusted_key_cert, 215ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 216ad43c49eSManish V Badarkhe [0] = { 217ad43c49eSManish V Badarkhe .type = AUTH_METHOD_SIG, 218ad43c49eSManish V Badarkhe .param.sig = { 219ad43c49eSManish V Badarkhe .pk = &trusted_world_pk, 220ad43c49eSManish V Badarkhe .sig = &sig, 221ad43c49eSManish V Badarkhe .alg = &sig_alg, 222ad43c49eSManish V Badarkhe .data = &raw_data 223ad43c49eSManish V Badarkhe } 224ad43c49eSManish V Badarkhe }, 225ad43c49eSManish V Badarkhe [1] = { 226ad43c49eSManish V Badarkhe .type = AUTH_METHOD_NV_CTR, 227ad43c49eSManish V Badarkhe .param.nv_ctr = { 228ad43c49eSManish V Badarkhe .cert_nv_ctr = &trusted_nv_ctr, 229ad43c49eSManish V Badarkhe .plat_nv_ctr = &trusted_nv_ctr 230ad43c49eSManish V Badarkhe } 231ad43c49eSManish V Badarkhe } 232ad43c49eSManish V Badarkhe }, 233ad43c49eSManish V Badarkhe .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 234ad43c49eSManish V Badarkhe [0] = { 235ad43c49eSManish V Badarkhe .type_desc = &soc_fw_content_pk, 236ad43c49eSManish V Badarkhe .data = { 237ad43c49eSManish V Badarkhe .ptr = (void *)content_pk_buf, 238ad43c49eSManish V Badarkhe .len = (unsigned int)PK_DER_LEN 239ad43c49eSManish V Badarkhe } 240ad43c49eSManish V Badarkhe } 241ad43c49eSManish V Badarkhe } 242ad43c49eSManish V Badarkhe }; 243ad43c49eSManish V Badarkhe static const auth_img_desc_t soc_fw_content_cert = { 244ad43c49eSManish V Badarkhe .img_id = SOC_FW_CONTENT_CERT_ID, 245ad43c49eSManish V Badarkhe .img_type = IMG_CERT, 246ad43c49eSManish V Badarkhe .parent = &soc_fw_key_cert, 247ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 248ad43c49eSManish V Badarkhe [0] = { 249ad43c49eSManish V Badarkhe .type = AUTH_METHOD_SIG, 250ad43c49eSManish V Badarkhe .param.sig = { 251ad43c49eSManish V Badarkhe .pk = &soc_fw_content_pk, 252ad43c49eSManish V Badarkhe .sig = &sig, 253ad43c49eSManish V Badarkhe .alg = &sig_alg, 254ad43c49eSManish V Badarkhe .data = &raw_data 255ad43c49eSManish V Badarkhe } 256ad43c49eSManish V Badarkhe }, 257ad43c49eSManish V Badarkhe [1] = { 258ad43c49eSManish V Badarkhe .type = AUTH_METHOD_NV_CTR, 259ad43c49eSManish V Badarkhe .param.nv_ctr = { 260ad43c49eSManish V Badarkhe .cert_nv_ctr = &trusted_nv_ctr, 261ad43c49eSManish V Badarkhe .plat_nv_ctr = &trusted_nv_ctr 262ad43c49eSManish V Badarkhe } 263ad43c49eSManish V Badarkhe } 264ad43c49eSManish V Badarkhe }, 265ad43c49eSManish V Badarkhe .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 266ad43c49eSManish V Badarkhe [0] = { 267ad43c49eSManish V Badarkhe .type_desc = &soc_fw_hash, 268ad43c49eSManish V Badarkhe .data = { 269ad43c49eSManish V Badarkhe .ptr = (void *)soc_fw_hash_buf, 270ad43c49eSManish V Badarkhe .len = (unsigned int)HASH_DER_LEN 271ad43c49eSManish V Badarkhe } 272ad43c49eSManish V Badarkhe }, 273ad43c49eSManish V Badarkhe [1] = { 274ad43c49eSManish V Badarkhe .type_desc = &soc_fw_config_hash, 275ad43c49eSManish V Badarkhe .data = { 276ad43c49eSManish V Badarkhe .ptr = (void *)soc_fw_config_hash_buf, 277ad43c49eSManish V Badarkhe .len = (unsigned int)HASH_DER_LEN 278ad43c49eSManish V Badarkhe } 279ad43c49eSManish V Badarkhe } 280ad43c49eSManish V Badarkhe } 281ad43c49eSManish V Badarkhe }; 282ad43c49eSManish V Badarkhe static const auth_img_desc_t bl31_image = { 283ad43c49eSManish V Badarkhe .img_id = BL31_IMAGE_ID, 284ad43c49eSManish V Badarkhe .img_type = IMG_RAW, 285ad43c49eSManish V Badarkhe .parent = &soc_fw_content_cert, 286ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 287ad43c49eSManish V Badarkhe [0] = { 288ad43c49eSManish V Badarkhe .type = AUTH_METHOD_HASH, 289ad43c49eSManish V Badarkhe .param.hash = { 290ad43c49eSManish V Badarkhe .data = &raw_data, 291ad43c49eSManish V Badarkhe .hash = &soc_fw_hash 292ad43c49eSManish V Badarkhe } 293ad43c49eSManish V Badarkhe } 294ad43c49eSManish V Badarkhe } 295ad43c49eSManish V Badarkhe }; 296ad43c49eSManish V Badarkhe /* SOC FW Config */ 297ad43c49eSManish V Badarkhe static const auth_img_desc_t soc_fw_config = { 298ad43c49eSManish V Badarkhe .img_id = SOC_FW_CONFIG_ID, 299ad43c49eSManish V Badarkhe .img_type = IMG_RAW, 300ad43c49eSManish V Badarkhe .parent = &soc_fw_content_cert, 301ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 302ad43c49eSManish V Badarkhe [0] = { 303ad43c49eSManish V Badarkhe .type = AUTH_METHOD_HASH, 304ad43c49eSManish V Badarkhe .param.hash = { 305ad43c49eSManish V Badarkhe .data = &raw_data, 306ad43c49eSManish V Badarkhe .hash = &soc_fw_config_hash 307ad43c49eSManish V Badarkhe } 308ad43c49eSManish V Badarkhe } 309ad43c49eSManish V Badarkhe } 310ad43c49eSManish V Badarkhe }; 311ad43c49eSManish V Badarkhe /* 312ad43c49eSManish V Badarkhe * Trusted OS Firmware 313ad43c49eSManish V Badarkhe */ 314ad43c49eSManish V Badarkhe static const auth_img_desc_t trusted_os_fw_key_cert = { 315ad43c49eSManish V Badarkhe .img_id = TRUSTED_OS_FW_KEY_CERT_ID, 316ad43c49eSManish V Badarkhe .img_type = IMG_CERT, 317ad43c49eSManish V Badarkhe .parent = &trusted_key_cert, 318ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 319ad43c49eSManish V Badarkhe [0] = { 320ad43c49eSManish V Badarkhe .type = AUTH_METHOD_SIG, 321ad43c49eSManish V Badarkhe .param.sig = { 322ad43c49eSManish V Badarkhe .pk = &trusted_world_pk, 323ad43c49eSManish V Badarkhe .sig = &sig, 324ad43c49eSManish V Badarkhe .alg = &sig_alg, 325ad43c49eSManish V Badarkhe .data = &raw_data 326ad43c49eSManish V Badarkhe } 327ad43c49eSManish V Badarkhe }, 328ad43c49eSManish V Badarkhe [1] = { 329ad43c49eSManish V Badarkhe .type = AUTH_METHOD_NV_CTR, 330ad43c49eSManish V Badarkhe .param.nv_ctr = { 331ad43c49eSManish V Badarkhe .cert_nv_ctr = &trusted_nv_ctr, 332ad43c49eSManish V Badarkhe .plat_nv_ctr = &trusted_nv_ctr 333ad43c49eSManish V Badarkhe } 334ad43c49eSManish V Badarkhe } 335ad43c49eSManish V Badarkhe }, 336ad43c49eSManish V Badarkhe .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 337ad43c49eSManish V Badarkhe [0] = { 338ad43c49eSManish V Badarkhe .type_desc = &tos_fw_content_pk, 339ad43c49eSManish V Badarkhe .data = { 340ad43c49eSManish V Badarkhe .ptr = (void *)content_pk_buf, 341ad43c49eSManish V Badarkhe .len = (unsigned int)PK_DER_LEN 342ad43c49eSManish V Badarkhe } 343ad43c49eSManish V Badarkhe } 344ad43c49eSManish V Badarkhe } 345ad43c49eSManish V Badarkhe }; 346ad43c49eSManish V Badarkhe static const auth_img_desc_t trusted_os_fw_content_cert = { 347ad43c49eSManish V Badarkhe .img_id = TRUSTED_OS_FW_CONTENT_CERT_ID, 348ad43c49eSManish V Badarkhe .img_type = IMG_CERT, 349ad43c49eSManish V Badarkhe .parent = &trusted_os_fw_key_cert, 350ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 351ad43c49eSManish V Badarkhe [0] = { 352ad43c49eSManish V Badarkhe .type = AUTH_METHOD_SIG, 353ad43c49eSManish V Badarkhe .param.sig = { 354ad43c49eSManish V Badarkhe .pk = &tos_fw_content_pk, 355ad43c49eSManish V Badarkhe .sig = &sig, 356ad43c49eSManish V Badarkhe .alg = &sig_alg, 357ad43c49eSManish V Badarkhe .data = &raw_data 358ad43c49eSManish V Badarkhe } 359ad43c49eSManish V Badarkhe }, 360ad43c49eSManish V Badarkhe [1] = { 361ad43c49eSManish V Badarkhe .type = AUTH_METHOD_NV_CTR, 362ad43c49eSManish V Badarkhe .param.nv_ctr = { 363ad43c49eSManish V Badarkhe .cert_nv_ctr = &trusted_nv_ctr, 364ad43c49eSManish V Badarkhe .plat_nv_ctr = &trusted_nv_ctr 365ad43c49eSManish V Badarkhe } 366ad43c49eSManish V Badarkhe } 367ad43c49eSManish V Badarkhe }, 368ad43c49eSManish V Badarkhe .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 369ad43c49eSManish V Badarkhe [0] = { 370ad43c49eSManish V Badarkhe .type_desc = &tos_fw_hash, 371ad43c49eSManish V Badarkhe .data = { 372ad43c49eSManish V Badarkhe .ptr = (void *)tos_fw_hash_buf, 373ad43c49eSManish V Badarkhe .len = (unsigned int)HASH_DER_LEN 374ad43c49eSManish V Badarkhe } 375ad43c49eSManish V Badarkhe }, 376ad43c49eSManish V Badarkhe [1] = { 377ad43c49eSManish V Badarkhe .type_desc = &tos_fw_extra1_hash, 378ad43c49eSManish V Badarkhe .data = { 379ad43c49eSManish V Badarkhe .ptr = (void *)tos_fw_extra1_hash_buf, 380ad43c49eSManish V Badarkhe .len = (unsigned int)HASH_DER_LEN 381ad43c49eSManish V Badarkhe } 382ad43c49eSManish V Badarkhe }, 383ad43c49eSManish V Badarkhe [2] = { 384ad43c49eSManish V Badarkhe .type_desc = &tos_fw_extra2_hash, 385ad43c49eSManish V Badarkhe .data = { 386ad43c49eSManish V Badarkhe .ptr = (void *)tos_fw_extra2_hash_buf, 387ad43c49eSManish V Badarkhe .len = (unsigned int)HASH_DER_LEN 388ad43c49eSManish V Badarkhe } 389ad43c49eSManish V Badarkhe }, 390ad43c49eSManish V Badarkhe [3] = { 391ad43c49eSManish V Badarkhe .type_desc = &tos_fw_config_hash, 392ad43c49eSManish V Badarkhe .data = { 393ad43c49eSManish V Badarkhe .ptr = (void *)tos_fw_config_hash_buf, 394ad43c49eSManish V Badarkhe .len = (unsigned int)HASH_DER_LEN 395ad43c49eSManish V Badarkhe } 396ad43c49eSManish V Badarkhe } 397ad43c49eSManish V Badarkhe } 398ad43c49eSManish V Badarkhe }; 399ad43c49eSManish V Badarkhe static const auth_img_desc_t bl32_image = { 400ad43c49eSManish V Badarkhe .img_id = BL32_IMAGE_ID, 401ad43c49eSManish V Badarkhe .img_type = IMG_RAW, 402ad43c49eSManish V Badarkhe .parent = &trusted_os_fw_content_cert, 403ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 404ad43c49eSManish V Badarkhe [0] = { 405ad43c49eSManish V Badarkhe .type = AUTH_METHOD_HASH, 406ad43c49eSManish V Badarkhe .param.hash = { 407ad43c49eSManish V Badarkhe .data = &raw_data, 408ad43c49eSManish V Badarkhe .hash = &tos_fw_hash 409ad43c49eSManish V Badarkhe } 410ad43c49eSManish V Badarkhe } 411ad43c49eSManish V Badarkhe } 412ad43c49eSManish V Badarkhe }; 413ad43c49eSManish V Badarkhe static const auth_img_desc_t bl32_extra1_image = { 414ad43c49eSManish V Badarkhe .img_id = BL32_EXTRA1_IMAGE_ID, 415ad43c49eSManish V Badarkhe .img_type = IMG_RAW, 416ad43c49eSManish V Badarkhe .parent = &trusted_os_fw_content_cert, 417ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 418ad43c49eSManish V Badarkhe [0] = { 419ad43c49eSManish V Badarkhe .type = AUTH_METHOD_HASH, 420ad43c49eSManish V Badarkhe .param.hash = { 421ad43c49eSManish V Badarkhe .data = &raw_data, 422ad43c49eSManish V Badarkhe .hash = &tos_fw_extra1_hash 423ad43c49eSManish V Badarkhe } 424ad43c49eSManish V Badarkhe } 425ad43c49eSManish V Badarkhe } 426ad43c49eSManish V Badarkhe }; 427ad43c49eSManish V Badarkhe static const auth_img_desc_t bl32_extra2_image = { 428ad43c49eSManish V Badarkhe .img_id = BL32_EXTRA2_IMAGE_ID, 429ad43c49eSManish V Badarkhe .img_type = IMG_RAW, 430ad43c49eSManish V Badarkhe .parent = &trusted_os_fw_content_cert, 431ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 432ad43c49eSManish V Badarkhe [0] = { 433ad43c49eSManish V Badarkhe .type = AUTH_METHOD_HASH, 434ad43c49eSManish V Badarkhe .param.hash = { 435ad43c49eSManish V Badarkhe .data = &raw_data, 436ad43c49eSManish V Badarkhe .hash = &tos_fw_extra2_hash 437ad43c49eSManish V Badarkhe } 438ad43c49eSManish V Badarkhe } 439ad43c49eSManish V Badarkhe } 440ad43c49eSManish V Badarkhe }; 441ad43c49eSManish V Badarkhe /* TOS FW Config */ 442ad43c49eSManish V Badarkhe static const auth_img_desc_t tos_fw_config = { 443ad43c49eSManish V Badarkhe .img_id = TOS_FW_CONFIG_ID, 444ad43c49eSManish V Badarkhe .img_type = IMG_RAW, 445ad43c49eSManish V Badarkhe .parent = &trusted_os_fw_content_cert, 446ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 447ad43c49eSManish V Badarkhe [0] = { 448ad43c49eSManish V Badarkhe .type = AUTH_METHOD_HASH, 449ad43c49eSManish V Badarkhe .param.hash = { 450ad43c49eSManish V Badarkhe .data = &raw_data, 451ad43c49eSManish V Badarkhe .hash = &tos_fw_config_hash 452ad43c49eSManish V Badarkhe } 453ad43c49eSManish V Badarkhe } 454ad43c49eSManish V Badarkhe } 455ad43c49eSManish V Badarkhe }; 456ad43c49eSManish V Badarkhe /* 457ad43c49eSManish V Badarkhe * Non-Trusted Firmware 458ad43c49eSManish V Badarkhe */ 459ad43c49eSManish V Badarkhe static const auth_img_desc_t non_trusted_fw_key_cert = { 460ad43c49eSManish V Badarkhe .img_id = NON_TRUSTED_FW_KEY_CERT_ID, 461ad43c49eSManish V Badarkhe .img_type = IMG_CERT, 462ad43c49eSManish V Badarkhe .parent = &trusted_key_cert, 463ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 464ad43c49eSManish V Badarkhe [0] = { 465ad43c49eSManish V Badarkhe .type = AUTH_METHOD_SIG, 466ad43c49eSManish V Badarkhe .param.sig = { 467ad43c49eSManish V Badarkhe .pk = &non_trusted_world_pk, 468ad43c49eSManish V Badarkhe .sig = &sig, 469ad43c49eSManish V Badarkhe .alg = &sig_alg, 470ad43c49eSManish V Badarkhe .data = &raw_data 471ad43c49eSManish V Badarkhe } 472ad43c49eSManish V Badarkhe }, 473ad43c49eSManish V Badarkhe [1] = { 474ad43c49eSManish V Badarkhe .type = AUTH_METHOD_NV_CTR, 475ad43c49eSManish V Badarkhe .param.nv_ctr = { 476ad43c49eSManish V Badarkhe .cert_nv_ctr = &non_trusted_nv_ctr, 477ad43c49eSManish V Badarkhe .plat_nv_ctr = &non_trusted_nv_ctr 478ad43c49eSManish V Badarkhe } 479ad43c49eSManish V Badarkhe } 480ad43c49eSManish V Badarkhe }, 481ad43c49eSManish V Badarkhe .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 482ad43c49eSManish V Badarkhe [0] = { 483ad43c49eSManish V Badarkhe .type_desc = &nt_fw_content_pk, 484ad43c49eSManish V Badarkhe .data = { 485ad43c49eSManish V Badarkhe .ptr = (void *)content_pk_buf, 486ad43c49eSManish V Badarkhe .len = (unsigned int)PK_DER_LEN 487ad43c49eSManish V Badarkhe } 488ad43c49eSManish V Badarkhe } 489ad43c49eSManish V Badarkhe } 490ad43c49eSManish V Badarkhe }; 491ad43c49eSManish V Badarkhe static const auth_img_desc_t non_trusted_fw_content_cert = { 492ad43c49eSManish V Badarkhe .img_id = NON_TRUSTED_FW_CONTENT_CERT_ID, 493ad43c49eSManish V Badarkhe .img_type = IMG_CERT, 494ad43c49eSManish V Badarkhe .parent = &non_trusted_fw_key_cert, 495ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 496ad43c49eSManish V Badarkhe [0] = { 497ad43c49eSManish V Badarkhe .type = AUTH_METHOD_SIG, 498ad43c49eSManish V Badarkhe .param.sig = { 499ad43c49eSManish V Badarkhe .pk = &nt_fw_content_pk, 500ad43c49eSManish V Badarkhe .sig = &sig, 501ad43c49eSManish V Badarkhe .alg = &sig_alg, 502ad43c49eSManish V Badarkhe .data = &raw_data 503ad43c49eSManish V Badarkhe } 504ad43c49eSManish V Badarkhe }, 505ad43c49eSManish V Badarkhe [1] = { 506ad43c49eSManish V Badarkhe .type = AUTH_METHOD_NV_CTR, 507ad43c49eSManish V Badarkhe .param.nv_ctr = { 508ad43c49eSManish V Badarkhe .cert_nv_ctr = &non_trusted_nv_ctr, 509ad43c49eSManish V Badarkhe .plat_nv_ctr = &non_trusted_nv_ctr 510ad43c49eSManish V Badarkhe } 511ad43c49eSManish V Badarkhe } 512ad43c49eSManish V Badarkhe }, 513ad43c49eSManish V Badarkhe .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 514ad43c49eSManish V Badarkhe [0] = { 515ad43c49eSManish V Badarkhe .type_desc = &nt_world_bl_hash, 516ad43c49eSManish V Badarkhe .data = { 517ad43c49eSManish V Badarkhe .ptr = (void *)nt_world_bl_hash_buf, 518ad43c49eSManish V Badarkhe .len = (unsigned int)HASH_DER_LEN 519ad43c49eSManish V Badarkhe } 520ad43c49eSManish V Badarkhe }, 521ad43c49eSManish V Badarkhe [1] = { 522ad43c49eSManish V Badarkhe .type_desc = &nt_fw_config_hash, 523ad43c49eSManish V Badarkhe .data = { 524ad43c49eSManish V Badarkhe .ptr = (void *)nt_fw_config_hash_buf, 525ad43c49eSManish V Badarkhe .len = (unsigned int)HASH_DER_LEN 526ad43c49eSManish V Badarkhe } 527ad43c49eSManish V Badarkhe } 528ad43c49eSManish V Badarkhe } 529ad43c49eSManish V Badarkhe }; 530ad43c49eSManish V Badarkhe static const auth_img_desc_t bl33_image = { 531ad43c49eSManish V Badarkhe .img_id = BL33_IMAGE_ID, 532ad43c49eSManish V Badarkhe .img_type = IMG_RAW, 533ad43c49eSManish V Badarkhe .parent = &non_trusted_fw_content_cert, 534ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 535ad43c49eSManish V Badarkhe [0] = { 536ad43c49eSManish V Badarkhe .type = AUTH_METHOD_HASH, 537ad43c49eSManish V Badarkhe .param.hash = { 538ad43c49eSManish V Badarkhe .data = &raw_data, 539ad43c49eSManish V Badarkhe .hash = &nt_world_bl_hash 540ad43c49eSManish V Badarkhe } 541ad43c49eSManish V Badarkhe } 542ad43c49eSManish V Badarkhe } 543ad43c49eSManish V Badarkhe }; 544ad43c49eSManish V Badarkhe /* NT FW Config */ 545ad43c49eSManish V Badarkhe static const auth_img_desc_t nt_fw_config = { 546ad43c49eSManish V Badarkhe .img_id = NT_FW_CONFIG_ID, 547ad43c49eSManish V Badarkhe .img_type = IMG_RAW, 548ad43c49eSManish V Badarkhe .parent = &non_trusted_fw_content_cert, 549ad43c49eSManish V Badarkhe .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 550ad43c49eSManish V Badarkhe [0] = { 551ad43c49eSManish V Badarkhe .type = AUTH_METHOD_HASH, 552ad43c49eSManish V Badarkhe .param.hash = { 553ad43c49eSManish V Badarkhe .data = &raw_data, 554ad43c49eSManish V Badarkhe .hash = &nt_fw_config_hash 555ad43c49eSManish V Badarkhe } 556ad43c49eSManish V Badarkhe } 557ad43c49eSManish V Badarkhe } 558ad43c49eSManish V Badarkhe }; 559*68758dd6SManish Pandey /* Secure Partitions */ 560*68758dd6SManish Pandey #if defined(SPD_spmd) 561*68758dd6SManish Pandey static const auth_img_desc_t sp_content_cert = { 562*68758dd6SManish Pandey .img_id = SP_CONTENT_CERT_ID, 563*68758dd6SManish Pandey .img_type = IMG_CERT, 564*68758dd6SManish Pandey .parent = &trusted_key_cert, 565*68758dd6SManish Pandey .img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) { 566*68758dd6SManish Pandey [0] = { 567*68758dd6SManish Pandey .type = AUTH_METHOD_SIG, 568*68758dd6SManish Pandey .param.sig = { 569*68758dd6SManish Pandey .pk = &trusted_world_pk, 570*68758dd6SManish Pandey .sig = &sig, 571*68758dd6SManish Pandey .alg = &sig_alg, 572*68758dd6SManish Pandey .data = &raw_data 573*68758dd6SManish Pandey } 574*68758dd6SManish Pandey }, 575*68758dd6SManish Pandey [1] = { 576*68758dd6SManish Pandey .type = AUTH_METHOD_NV_CTR, 577*68758dd6SManish Pandey .param.nv_ctr = { 578*68758dd6SManish Pandey .cert_nv_ctr = &trusted_nv_ctr, 579*68758dd6SManish Pandey .plat_nv_ctr = &trusted_nv_ctr 580*68758dd6SManish Pandey } 581*68758dd6SManish Pandey } 582*68758dd6SManish Pandey }, 583*68758dd6SManish Pandey .authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) { 584*68758dd6SManish Pandey [0] = { 585*68758dd6SManish Pandey .type_desc = &sp_pkg1_hash, 586*68758dd6SManish Pandey .data = { 587*68758dd6SManish Pandey .ptr = (void *)sp_pkg_hash_buf[0], 588*68758dd6SManish Pandey .len = (unsigned int)HASH_DER_LEN 589*68758dd6SManish Pandey } 590*68758dd6SManish Pandey }, 591*68758dd6SManish Pandey [1] = { 592*68758dd6SManish Pandey .type_desc = &sp_pkg2_hash, 593*68758dd6SManish Pandey .data = { 594*68758dd6SManish Pandey .ptr = (void *)sp_pkg_hash_buf[1], 595*68758dd6SManish Pandey .len = (unsigned int)HASH_DER_LEN 596*68758dd6SManish Pandey } 597*68758dd6SManish Pandey }, 598*68758dd6SManish Pandey [2] = { 599*68758dd6SManish Pandey .type_desc = &sp_pkg3_hash, 600*68758dd6SManish Pandey .data = { 601*68758dd6SManish Pandey .ptr = (void *)sp_pkg_hash_buf[2], 602*68758dd6SManish Pandey .len = (unsigned int)HASH_DER_LEN 603*68758dd6SManish Pandey } 604*68758dd6SManish Pandey }, 605*68758dd6SManish Pandey [3] = { 606*68758dd6SManish Pandey .type_desc = &sp_pkg4_hash, 607*68758dd6SManish Pandey .data = { 608*68758dd6SManish Pandey .ptr = (void *)sp_pkg_hash_buf[3], 609*68758dd6SManish Pandey .len = (unsigned int)HASH_DER_LEN 610*68758dd6SManish Pandey } 611*68758dd6SManish Pandey }, 612*68758dd6SManish Pandey [4] = { 613*68758dd6SManish Pandey .type_desc = &sp_pkg5_hash, 614*68758dd6SManish Pandey .data = { 615*68758dd6SManish Pandey .ptr = (void *)sp_pkg_hash_buf[4], 616*68758dd6SManish Pandey .len = (unsigned int)HASH_DER_LEN 617*68758dd6SManish Pandey } 618*68758dd6SManish Pandey }, 619*68758dd6SManish Pandey [5] = { 620*68758dd6SManish Pandey .type_desc = &sp_pkg6_hash, 621*68758dd6SManish Pandey .data = { 622*68758dd6SManish Pandey .ptr = (void *)sp_pkg_hash_buf[5], 623*68758dd6SManish Pandey .len = (unsigned int)HASH_DER_LEN 624*68758dd6SManish Pandey } 625*68758dd6SManish Pandey }, 626*68758dd6SManish Pandey [6] = { 627*68758dd6SManish Pandey .type_desc = &sp_pkg7_hash, 628*68758dd6SManish Pandey .data = { 629*68758dd6SManish Pandey .ptr = (void *)sp_pkg_hash_buf[6], 630*68758dd6SManish Pandey .len = (unsigned int)HASH_DER_LEN 631*68758dd6SManish Pandey } 632*68758dd6SManish Pandey }, 633*68758dd6SManish Pandey [7] = { 634*68758dd6SManish Pandey .type_desc = &sp_pkg8_hash, 635*68758dd6SManish Pandey .data = { 636*68758dd6SManish Pandey .ptr = (void *)sp_pkg_hash_buf[7], 637*68758dd6SManish Pandey .len = (unsigned int)HASH_DER_LEN 638*68758dd6SManish Pandey } 639*68758dd6SManish Pandey } 640*68758dd6SManish Pandey } 641*68758dd6SManish Pandey }; 642*68758dd6SManish Pandey 643*68758dd6SManish Pandey DEFINE_SP_PKG(1); 644*68758dd6SManish Pandey DEFINE_SP_PKG(2); 645*68758dd6SManish Pandey DEFINE_SP_PKG(3); 646*68758dd6SManish Pandey DEFINE_SP_PKG(4); 647*68758dd6SManish Pandey DEFINE_SP_PKG(5); 648*68758dd6SManish Pandey DEFINE_SP_PKG(6); 649*68758dd6SManish Pandey DEFINE_SP_PKG(7); 650*68758dd6SManish Pandey DEFINE_SP_PKG(8); 651*68758dd6SManish Pandey #endif /* SPD_spmd */ 652ad43c49eSManish V Badarkhe 653ad43c49eSManish V Badarkhe static const auth_img_desc_t * const cot_desc[] = { 654ad43c49eSManish V Badarkhe [TRUSTED_BOOT_FW_CERT_ID] = &trusted_boot_fw_cert, 655ad43c49eSManish V Badarkhe [HW_CONFIG_ID] = &hw_config, 656ad43c49eSManish V Badarkhe [TRUSTED_KEY_CERT_ID] = &trusted_key_cert, 657ad43c49eSManish V Badarkhe [SCP_FW_KEY_CERT_ID] = &scp_fw_key_cert, 658ad43c49eSManish V Badarkhe [SCP_FW_CONTENT_CERT_ID] = &scp_fw_content_cert, 659ad43c49eSManish V Badarkhe [SCP_BL2_IMAGE_ID] = &scp_bl2_image, 660ad43c49eSManish V Badarkhe [SOC_FW_KEY_CERT_ID] = &soc_fw_key_cert, 661ad43c49eSManish V Badarkhe [SOC_FW_CONTENT_CERT_ID] = &soc_fw_content_cert, 662ad43c49eSManish V Badarkhe [BL31_IMAGE_ID] = &bl31_image, 663ad43c49eSManish V Badarkhe [SOC_FW_CONFIG_ID] = &soc_fw_config, 664ad43c49eSManish V Badarkhe [TRUSTED_OS_FW_KEY_CERT_ID] = &trusted_os_fw_key_cert, 665ad43c49eSManish V Badarkhe [TRUSTED_OS_FW_CONTENT_CERT_ID] = &trusted_os_fw_content_cert, 666ad43c49eSManish V Badarkhe [BL32_IMAGE_ID] = &bl32_image, 667ad43c49eSManish V Badarkhe [BL32_EXTRA1_IMAGE_ID] = &bl32_extra1_image, 668ad43c49eSManish V Badarkhe [BL32_EXTRA2_IMAGE_ID] = &bl32_extra2_image, 669ad43c49eSManish V Badarkhe [TOS_FW_CONFIG_ID] = &tos_fw_config, 670ad43c49eSManish V Badarkhe [NON_TRUSTED_FW_KEY_CERT_ID] = &non_trusted_fw_key_cert, 671ad43c49eSManish V Badarkhe [NON_TRUSTED_FW_CONTENT_CERT_ID] = &non_trusted_fw_content_cert, 672ad43c49eSManish V Badarkhe [BL33_IMAGE_ID] = &bl33_image, 673ad43c49eSManish V Badarkhe [NT_FW_CONFIG_ID] = &nt_fw_config, 674*68758dd6SManish Pandey #if defined(SPD_spmd) 675*68758dd6SManish Pandey [SP_CONTENT_CERT_ID] = &sp_content_cert, 676*68758dd6SManish Pandey [SP_CONTENT_CERT_ID + 1] = &sp_pkg1, 677*68758dd6SManish Pandey [SP_CONTENT_CERT_ID + 2] = &sp_pkg2, 678*68758dd6SManish Pandey [SP_CONTENT_CERT_ID + 3] = &sp_pkg3, 679*68758dd6SManish Pandey [SP_CONTENT_CERT_ID + 4] = &sp_pkg4, 680*68758dd6SManish Pandey [SP_CONTENT_CERT_ID + 5] = &sp_pkg5, 681*68758dd6SManish Pandey [SP_CONTENT_CERT_ID + 6] = &sp_pkg6, 682*68758dd6SManish Pandey [SP_CONTENT_CERT_ID + 7] = &sp_pkg7, 683*68758dd6SManish Pandey [SP_CONTENT_CERT_ID + 8] = &sp_pkg8, 684*68758dd6SManish Pandey #endif 685ad43c49eSManish V Badarkhe }; 686ad43c49eSManish V Badarkhe 687ad43c49eSManish V Badarkhe /* Register the CoT in the authentication module */ 688ad43c49eSManish V Badarkhe REGISTER_COT(cot_desc); 689