/*
 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice, this
 * list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of ARM nor the names of its contributors may be used
 * to endorse or promote products derived from this software without specific
 * prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include "tbbr/tbb_cert.h"
#include "tbbr/tbb_ext.h"
#include "tbbr/tbb_key.h"

/*
 * Certificates used in the chain of trust.
 *
 * Each slot is selected by a designated initializer whose index is the
 * certificate's enumerator from tbb_cert.h, and .id repeats that enumerator.
 * Keep the entries in the order of that enumeration.
 *
 * Every entry names itself as .issuer, i.e. all certificates are self-signed.
 * The issuer field therefore does not link one certificate to the next; in
 * this table the linkage is visible only through .key and .ext:
 *   - ROT_KEY is the key of BL2_CERT and TRUSTED_KEY_CERT;
 *   - TRUSTED_KEY_CERT lists the TZ and NTZ world public-key extensions;
 *   - each BL3-x key certificate uses a world key and lists the public-key
 *     extension of the matching content certificate;
 *   - each content certificate uses the per-image key and lists the image
 *     hash extension.
 * NOTE(review): presumably .key is the signing key, and a verifier has to
 * follow the extension values rather than the issuer name - confirm against
 * the code that consumes the generated certificates.
 *
 * .num_ext is maintained by hand and must equal the number of identifiers in
 * .ext. NOTE(review): a smaller count would presumably leave a hash or
 * public-key extension out of the generated certificate - confirm in the
 * code that walks .ext.
 *
 * .fn is NULL in every entry. NOTE(review): presumably it is filled in from
 * the option named by .opt - confirm in the option parser.
 */
static cert_t tbb_certs[] = {
	/* Certificates whose key is ROT_KEY. */
	[BL2_CERT] = {
		.id = BL2_CERT,
		.opt = "bl2-cert",
		.cn = "BL2 Certificate",
		.fn = NULL,
		.issuer = BL2_CERT,
		.key = ROT_KEY,
		.num_ext = 1,
		.ext = { BL2_HASH_EXT }
	},
	[TRUSTED_KEY_CERT] = {
		.id = TRUSTED_KEY_CERT,
		.opt = "trusted-key-cert",
		.cn = "Trusted Key Certificate",
		.fn = NULL,
		.issuer = TRUSTED_KEY_CERT,
		.key = ROT_KEY,
		.num_ext = 2,
		.ext = { TZ_WORLD_PK_EXT, NTZ_WORLD_PK_EXT }
	},

	/* BL3-0: key certificate, then content certificate. */
	[BL30_KEY_CERT] = {
		.id = BL30_KEY_CERT,
		.opt = "bl30-key-cert",
		.cn = "BL3-0 Key Certificate",
		.fn = NULL,
		.issuer = BL30_KEY_CERT,
		.key = TRUSTED_WORLD_KEY,
		.num_ext = 1,
		.ext = { BL30_CONTENT_CERT_PK_EXT }
	},
	[BL30_CERT] = {
		.id = BL30_CERT,
		.opt = "bl30-cert",
		.cn = "BL3-0 Content Certificate",
		.fn = NULL,
		.issuer = BL30_CERT,
		.key = BL30_KEY,
		.num_ext = 1,
		.ext = { BL30_HASH_EXT }
	},

	/* BL3-1: key certificate, then content certificate. */
	[BL31_KEY_CERT] = {
		.id = BL31_KEY_CERT,
		.opt = "bl31-key-cert",
		.cn = "BL3-1 Key Certificate",
		.fn = NULL,
		.issuer = BL31_KEY_CERT,
		.key = TRUSTED_WORLD_KEY,
		.num_ext = 1,
		.ext = { BL31_CONTENT_CERT_PK_EXT }
	},
	[BL31_CERT] = {
		.id = BL31_CERT,
		.opt = "bl31-cert",
		.cn = "BL3-1 Content Certificate",
		.fn = NULL,
		.issuer = BL31_CERT,
		.key = BL31_KEY,
		.num_ext = 1,
		.ext = { BL31_HASH_EXT }
	},

	/* BL3-2: key certificate, then content certificate. */
	[BL32_KEY_CERT] = {
		.id = BL32_KEY_CERT,
		.opt = "bl32-key-cert",
		.cn = "BL3-2 Key Certificate",
		.fn = NULL,
		.issuer = BL32_KEY_CERT,
		.key = TRUSTED_WORLD_KEY,
		.num_ext = 1,
		.ext = { BL32_CONTENT_CERT_PK_EXT }
	},
	[BL32_CERT] = {
		.id = BL32_CERT,
		.opt = "bl32-cert",
		.cn = "BL3-2 Content Certificate",
		.fn = NULL,
		.issuer = BL32_CERT,
		.key = BL32_KEY,
		.num_ext = 1,
		.ext = { BL32_HASH_EXT }
	},

	/* BL3-3: the only key certificate that uses NON_TRUSTED_WORLD_KEY. */
	[BL33_KEY_CERT] = {
		.id = BL33_KEY_CERT,
		.opt = "bl33-key-cert",
		.cn = "BL3-3 Key Certificate",
		.fn = NULL,
		.issuer = BL33_KEY_CERT,
		.key = NON_TRUSTED_WORLD_KEY,
		.num_ext = 1,
		.ext = { BL33_CONTENT_CERT_PK_EXT }
	},
	[BL33_CERT] = {
		.id = BL33_CERT,
		.opt = "bl33-cert",
		.cn = "BL3-3 Content Certificate",
		.fn = NULL,
		.issuer = BL33_CERT,
		.key = BL33_KEY,
		.num_ext = 1,
		.ext = { BL33_HASH_EXT }
	}
};

/* Hand the table to the REGISTER_COT macro, which is defined outside this file. */
REGISTER_COT(tbb_certs);