/*
 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice, this
 * list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of ARM nor the names of its contributors may be used
 * to endorse or promote products derived from this software without specific
 * prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
3055e291a4SJuan Castillo 
3155e291a4SJuan Castillo #include <stdio.h>
3255e291a4SJuan Castillo #include <string.h>
3355e291a4SJuan Castillo #include <openssl/err.h>
3455e291a4SJuan Castillo #include <openssl/x509v3.h>
3555e291a4SJuan Castillo #include "ext.h"
3655e291a4SJuan Castillo #include "platform_oid.h"
3755e291a4SJuan Castillo #include "tbbr/tbb_ext.h"
3855e291a4SJuan Castillo #include "tbbr/tbb_key.h"
3955e291a4SJuan Castillo 
/*
 * Non-volatile counter values placed in the two NV counter extensions below.
 *
 * TODO: get these values from the command line
 *
 * NOTE(review): both values are compile-time constants fixed at 0, so every
 * certificate built from this table carries the same counter. If the
 * boot-time verifier relies on these extensions for anti-rollback, it cannot
 * tell an older image from a newer one until the values become configurable.
 * Confirm how the verifier treats the counter before relying on it.
 */
#define TRUSTED_WORLD_NVCTR_VALUE	0
#define NORMAL_WORLD_NVCTR_VALUE	0

/*
 * Certificate extension table, indexed by the *_EXT identifiers used as
 * designated array indices.
 *
 * Three kinds of entry appear, selected by .type:
 *   EXT_TYPE_NVCOUNTER - V_ASN1_INTEGER carrying .data.nvcounter
 *   EXT_TYPE_PKEY      - V_ASN1_OCTET_STRING tied to a key via .data.key
 *   EXT_TYPE_HASH      - V_ASN1_OCTET_STRING; .opt and .help_msg describe
 *                        the image file that the option takes
 *
 * The long names of the hash entries say "SHA256", but nothing in this table
 * selects or enforces a digest algorithm.
 * NOTE(review): confirm the hashing code agrees with that label.
 *
 * Entries with .optional = 1 are the firmware-update ones; presumably the
 * tool accepts their options being absent - verify against the code that
 * reads .optional.
 */
static ext_t tbb_ext[] = {
	/* --- Non-volatile counters --- */
	[TRUSTED_FW_NVCOUNTER_EXT] = {
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.oid = TRUSTED_FW_NVCOUNTER_OID,
		.sn = "TrustedWorldNVCounter",
		.ln = "Trusted World Non-Volatile counter",
		.data.nvcounter = TRUSTED_WORLD_NVCTR_VALUE,
	},
	[NON_TRUSTED_FW_NVCOUNTER_EXT] = {
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.oid = NON_TRUSTED_FW_NVCOUNTER_OID,
		.sn = "NormalWorldNVCounter",
		.ln = "Normal World Non-Volatile counter",
		.data.nvcounter = NORMAL_WORLD_NVCTR_VALUE,
	},

	/* --- Trusted Boot Firmware image hash --- */
	[TRUSTED_BOOT_FW_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = TRUSTED_BOOT_FW_HASH_OID,
		.sn = "TrustedBootFirmwareHash",
		.ln = "Trusted Boot Firmware hash (SHA256)",
		.opt = "tb-fw",
		.help_msg = "Trusted Boot Firmware image file",
	},

	/* --- World public keys --- */
	[TRUSTED_WORLD_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = TRUSTED_WORLD_PK_OID,
		.sn = "TrustedWorldPublicKey",
		.ln = "Trusted World Public Key",
		.data.key = TRUSTED_WORLD_KEY,
	},
	[NON_TRUSTED_WORLD_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = NON_TRUSTED_WORLD_PK_OID,
		.sn = "NonTrustedWorldPublicKey",
		.ln = "Non-Trusted World Public Key",
		.data.key = NON_TRUSTED_WORLD_KEY,
	},

	/* --- SCP firmware: content certificate key and image hash --- */
	[SCP_FW_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = SCP_FW_CONTENT_CERT_PK_OID,
		.sn = "SCPFirmwareContentCertPK",
		.ln = "SCP Firmware content certificate public key",
		.data.key = SCP_FW_CONTENT_CERT_KEY,
	},
	[SCP_FW_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = SCP_FW_HASH_OID,
		.sn = "SCPFirmwareHash",
		.ln = "SCP Firmware hash (SHA256)",
		.opt = "scp-fw",
		.help_msg = "SCP Firmware image file",
	},

	/* --- SoC firmware: content certificate key and image hash --- */
	[SOC_FW_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = SOC_FW_CONTENT_CERT_PK_OID,
		.sn = "SoCFirmwareContentCertPK",
		.ln = "SoC Firmware content certificate public key",
		.data.key = SOC_FW_CONTENT_CERT_KEY,
	},
	[SOC_AP_FW_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = SOC_AP_FW_HASH_OID,
		.sn = "SoCAPFirmwareHash",
		.ln = "SoC AP Firmware hash (SHA256)",
		.opt = "soc-fw",
		.help_msg = "SoC AP Firmware image file",
	},

	/* --- Trusted OS: content certificate key and image hash --- */
	[TRUSTED_OS_FW_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = TRUSTED_OS_FW_CONTENT_CERT_PK_OID,
		.sn = "TrustedOSFirmwareContentCertPK",
		.ln = "Trusted OS Firmware content certificate public key",
		.data.key = TRUSTED_OS_FW_CONTENT_CERT_KEY,
	},
	[TRUSTED_OS_FW_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = TRUSTED_OS_FW_HASH_OID,
		.sn = "TrustedOSHash",
		.ln = "Trusted OS hash (SHA256)",
		.opt = "tos-fw",
		.help_msg = "Trusted OS image file",
	},

	/* --- Non-trusted firmware: content certificate key and image hash --- */
	[NON_TRUSTED_FW_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID,
		.sn = "NonTrustedFirmwareContentCertPK",
		.ln = "Non-Trusted Firmware content certificate public key",
		.data.key = NON_TRUSTED_FW_CONTENT_CERT_KEY,
	},
	[NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID,
		.sn = "NonTrustedWorldBootloaderHash",
		.ln = "Non-Trusted World hash (SHA256)",
		.opt = "nt-fw",
		.help_msg = "Non-Trusted World Bootloader image file",
	},

	/* --- Firmware update image hashes (all marked optional) --- */
	[SCP_FWU_CFG_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = SCP_FWU_CFG_HASH_OID,
		.sn = "SCPFWUpdateConfig",
		.ln = "SCP Firmware Update Config hash (SHA256)",
		.opt = "scp-fwu-cfg",
		.help_msg = "SCP Firmware Update Config image file",
		.optional = 1,
	},
	[AP_FWU_CFG_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = AP_FWU_CFG_HASH_OID,
		.sn = "APFWUpdateConfig",
		.ln = "AP Firmware Update Config hash (SHA256)",
		.opt = "ap-fwu-cfg",
		.help_msg = "AP Firmware Update Config image file",
		.optional = 1,
	},
	[FWU_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = FWU_HASH_OID,
		.sn = "FWUpdaterHash",
		.ln = "Firmware Updater hash (SHA256)",
		.opt = "fwu",
		.help_msg = "Firmware Updater image file",
		.optional = 1,
	},
};

/*
 * Hand the table to the generic extension code. REGISTER_EXTENSIONS is not
 * defined in this file (presumably it comes from ext.h).
 */
REGISTER_EXTENSIONS(tbb_ext);