1*a9d5c273SSandrine Bailleux /* 2*a9d5c273SSandrine Bailleux * Copyright (c) 2020, Arm Limited. All rights reserved. 3*a9d5c273SSandrine Bailleux * 4*a9d5c273SSandrine Bailleux * SPDX-License-Identifier: BSD-3-Clause 5*a9d5c273SSandrine Bailleux */ 6*a9d5c273SSandrine Bailleux 7*a9d5c273SSandrine Bailleux #ifndef DUALROOT_COT_H 8*a9d5c273SSandrine Bailleux #define DUALROOT_COT_H 9*a9d5c273SSandrine Bailleux 10*a9d5c273SSandrine Bailleux /* Certificates. */ 11*a9d5c273SSandrine Bailleux enum { 12*a9d5c273SSandrine Bailleux /* Certificates owned by the silicon provider. */ 13*a9d5c273SSandrine Bailleux TRUSTED_BOOT_FW_CERT, 14*a9d5c273SSandrine Bailleux TRUSTED_KEY_CERT, 15*a9d5c273SSandrine Bailleux SCP_FW_KEY_CERT, 16*a9d5c273SSandrine Bailleux SCP_FW_CONTENT_CERT, 17*a9d5c273SSandrine Bailleux SOC_FW_KEY_CERT, 18*a9d5c273SSandrine Bailleux SOC_FW_CONTENT_CERT, 19*a9d5c273SSandrine Bailleux TRUSTED_OS_FW_KEY_CERT, 20*a9d5c273SSandrine Bailleux TRUSTED_OS_FW_CONTENT_CERT, 21*a9d5c273SSandrine Bailleux FWU_CERT, 22*a9d5c273SSandrine Bailleux 23*a9d5c273SSandrine Bailleux /* Certificates owned by the platform owner. */ 24*a9d5c273SSandrine Bailleux NON_TRUSTED_FW_CONTENT_CERT, 25*a9d5c273SSandrine Bailleux }; 26*a9d5c273SSandrine Bailleux 27*a9d5c273SSandrine Bailleux /* Certificate extensions. */ 28*a9d5c273SSandrine Bailleux enum { 29*a9d5c273SSandrine Bailleux /* Extensions used in certificates owned by the silicon provider. */ 30*a9d5c273SSandrine Bailleux TRUSTED_FW_NVCOUNTER_EXT, 31*a9d5c273SSandrine Bailleux TRUSTED_BOOT_FW_HASH_EXT, 32*a9d5c273SSandrine Bailleux TRUSTED_BOOT_FW_CONFIG_HASH_EXT, 33*a9d5c273SSandrine Bailleux HW_CONFIG_HASH_EXT, 34*a9d5c273SSandrine Bailleux TRUSTED_WORLD_PK_EXT, 35*a9d5c273SSandrine Bailleux SCP_FW_CONTENT_CERT_PK_EXT, 36*a9d5c273SSandrine Bailleux SCP_FW_HASH_EXT, 37*a9d5c273SSandrine Bailleux SOC_FW_CONTENT_CERT_PK_EXT, 38*a9d5c273SSandrine Bailleux SOC_AP_FW_HASH_EXT, 39*a9d5c273SSandrine Bailleux SOC_FW_CONFIG_HASH_EXT, 40*a9d5c273SSandrine Bailleux TRUSTED_OS_FW_CONTENT_CERT_PK_EXT, 41*a9d5c273SSandrine Bailleux TRUSTED_OS_FW_HASH_EXT, 42*a9d5c273SSandrine Bailleux TRUSTED_OS_FW_EXTRA1_HASH_EXT, 43*a9d5c273SSandrine Bailleux TRUSTED_OS_FW_EXTRA2_HASH_EXT, 44*a9d5c273SSandrine Bailleux TRUSTED_OS_FW_CONFIG_HASH_EXT, 45*a9d5c273SSandrine Bailleux SCP_FWU_CFG_HASH_EXT, 46*a9d5c273SSandrine Bailleux AP_FWU_CFG_HASH_EXT, 47*a9d5c273SSandrine Bailleux FWU_HASH_EXT, 48*a9d5c273SSandrine Bailleux 49*a9d5c273SSandrine Bailleux /* Extensions used in certificates owned by the platform owner. */ 50*a9d5c273SSandrine Bailleux PROT_PK_EXT, 51*a9d5c273SSandrine Bailleux NON_TRUSTED_FW_NVCOUNTER_EXT, 52*a9d5c273SSandrine Bailleux NON_TRUSTED_FW_CONTENT_CERT_PK_EXT, 53*a9d5c273SSandrine Bailleux NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT, 54*a9d5c273SSandrine Bailleux NON_TRUSTED_FW_CONFIG_HASH_EXT, 55*a9d5c273SSandrine Bailleux }; 56*a9d5c273SSandrine Bailleux 57*a9d5c273SSandrine Bailleux /* Keys. */ 58*a9d5c273SSandrine Bailleux enum { 59*a9d5c273SSandrine Bailleux /* Keys owned by the silicon provider. */ 60*a9d5c273SSandrine Bailleux ROT_KEY, 61*a9d5c273SSandrine Bailleux TRUSTED_WORLD_KEY, 62*a9d5c273SSandrine Bailleux SCP_FW_CONTENT_CERT_KEY, 63*a9d5c273SSandrine Bailleux SOC_FW_CONTENT_CERT_KEY, 64*a9d5c273SSandrine Bailleux TRUSTED_OS_FW_CONTENT_CERT_KEY, 65*a9d5c273SSandrine Bailleux 66*a9d5c273SSandrine Bailleux /* Keys owned by the platform owner. */ 67*a9d5c273SSandrine Bailleux PROT_KEY, 68*a9d5c273SSandrine Bailleux }; 69*a9d5c273SSandrine Bailleux 70*a9d5c273SSandrine Bailleux #endif /* DUALROOT_COT_H */ 71