xref: /rk3399_ARM-atf/tools/cert_create/src/tbbr/tbb_ext.c (revision 55e291a4058633300deafabe62db7e2885f0afb5)
1*55e291a4SJuan Castillo /*
2*55e291a4SJuan Castillo  * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
3*55e291a4SJuan Castillo  *
4*55e291a4SJuan Castillo  * Redistribution and use in source and binary forms, with or without
5*55e291a4SJuan Castillo  * modification, are permitted provided that the following conditions are met:
6*55e291a4SJuan Castillo  *
7*55e291a4SJuan Castillo  * Redistributions of source code must retain the above copyright notice, this
8*55e291a4SJuan Castillo  * list of conditions and the following disclaimer.
9*55e291a4SJuan Castillo  *
10*55e291a4SJuan Castillo  * Redistributions in binary form must reproduce the above copyright notice,
11*55e291a4SJuan Castillo  * this list of conditions and the following disclaimer in the documentation
12*55e291a4SJuan Castillo  * and/or other materials provided with the distribution.
13*55e291a4SJuan Castillo  *
14*55e291a4SJuan Castillo  * Neither the name of ARM nor the names of its contributors may be used
15*55e291a4SJuan Castillo  * to endorse or promote products derived from this software without specific
16*55e291a4SJuan Castillo  * prior written permission.
17*55e291a4SJuan Castillo  *
18*55e291a4SJuan Castillo  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
19*55e291a4SJuan Castillo  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20*55e291a4SJuan Castillo  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21*55e291a4SJuan Castillo  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
22*55e291a4SJuan Castillo  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23*55e291a4SJuan Castillo  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24*55e291a4SJuan Castillo  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25*55e291a4SJuan Castillo  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26*55e291a4SJuan Castillo  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27*55e291a4SJuan Castillo  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28*55e291a4SJuan Castillo  * POSSIBILITY OF SUCH DAMAGE.
29*55e291a4SJuan Castillo  */
30*55e291a4SJuan Castillo 
31*55e291a4SJuan Castillo #include <stdio.h>
32*55e291a4SJuan Castillo #include <string.h>
33*55e291a4SJuan Castillo #include <openssl/err.h>
34*55e291a4SJuan Castillo #include <openssl/x509v3.h>
35*55e291a4SJuan Castillo #include "ext.h"
36*55e291a4SJuan Castillo #include "platform_oid.h"
37*55e291a4SJuan Castillo #include "tbbr/tbb_ext.h"
38*55e291a4SJuan Castillo #include "tbbr/tbb_key.h"
39*55e291a4SJuan Castillo 
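/*
 * Non-volatile counter values embedded in the TrustedWorldNVCounter and
 * NormalWorldNVCounter certificate extensions defined in this file.
 *
 * TODO: get these values from the command line.
 *
 * Until then, each default can be overridden at build time (for example
 * -DTRUSTED_WORLD_NVCTR_VALUE=<n>); when nothing is supplied the value
 * stays 0, exactly as before.
 *
 * NOTE(review): with both counters fixed at 0, every certificate produced by
 * this tool carries the same counter value, so a verifier that compares these
 * extensions against a platform counter cannot tell a newer image from an
 * older one. The verifier is not part of this file - confirm how the target
 * platform consumes these extensions before relying on them for
 * anti-rollback protection.
 */
#ifndef TRUSTED_WORLD_NVCTR_VALUE
#define TRUSTED_WORLD_NVCTR_VALUE	0
#endif
#ifndef NORMAL_WORLD_NVCTR_VALUE
#define NORMAL_WORLD_NVCTR_VALUE	0
#endif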
43*55e291a4SJuan Castillo 
/*
 * Certificate extensions used by the TBBR chain of trust.
 *
 * The table is indexed by the *_EXT identifiers. Every element carries an
 * explicit designator, so the order of the initializers below does not affect
 * the resulting array; entries are grouped by extension kind to make the
 * table easier to audit:
 *
 *   - EXT_TYPE_NVCOUNTER: encoded as ASN.1 INTEGER, value taken from the
 *     *_NVCTR_VALUE macros defined earlier in this file.
 *   - EXT_TYPE_PKEY: encoded as ASN.1 OCTET STRING, .data.key names the key
 *     the extension refers to.
 *   - EXT_TYPE_HASH: encoded as ASN.1 OCTET STRING. No .data initializer is
 *     given, so that member starts out zeroed (static storage).
 *     NOTE(review): presumably the digest is filled in at run time from the
 *     corresponding image - confirm against the code that consumes ext_t.
 *
 * The long names of the hash entries state SHA256; nothing in this table
 * itself selects the digest algorithm.
 */
static ext_t tbb_ext[] = {
	/* ---- Non-volatile counters ---- */
	[TZ_FW_NVCOUNTER_EXT] = {
		.oid = TZ_FW_NVCOUNTER_OID,
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.sn = "TrustedWorldNVCounter",
		.ln = "Trusted World Non-Volatile counter",
		.data.nvcounter = TRUSTED_WORLD_NVCTR_VALUE,
	},
	[NTZ_FW_NVCOUNTER_EXT] = {
		.oid = NTZ_FW_NVCOUNTER_OID,
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.sn = "NormalWorldNVCounter",
		.ln = "Normal World Non-Volatile counter",
		.data.nvcounter = NORMAL_WORLD_NVCTR_VALUE,
	},

	/* ---- Public keys ---- */
	[TZ_WORLD_PK_EXT] = {
		.oid = TZ_WORLD_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "TrustedWorldPublicKey",
		.ln = "Trusted World Public Key",
		.data.key = TRUSTED_WORLD_KEY,
	},
	[NTZ_WORLD_PK_EXT] = {
		.oid = NTZ_WORLD_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "NonTrustedWorldPublicKey",
		.ln = "Non-Trusted World Public Key",
		.data.key = NON_TRUSTED_WORLD_KEY,
	},
	[BL30_CONTENT_CERT_PK_EXT] = {
		.oid = BL30_CONTENT_CERT_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "SCPFirmwareContentCertPK",
		.ln = "SCP Firmware content certificate public key",
		.data.key = BL30_KEY,
	},
	[BL31_CONTENT_CERT_PK_EXT] = {
		.oid = BL31_CONTENT_CERT_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "SoCFirmwareContentCertPK",
		.ln = "SoC Firmware content certificate public key",
		.data.key = BL31_KEY,
	},
	[BL32_CONTENT_CERT_PK_EXT] = {
		.oid = BL32_CONTENT_CERT_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "TrustedOSFirmwareContentCertPK",
		.ln = "Trusted OS Firmware content certificate public key",
		.data.key = BL32_KEY,
	},
	[BL33_CONTENT_CERT_PK_EXT] = {
		.oid = BL33_CONTENT_CERT_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "NonTrustedFirmwareContentCertPK",
		.ln = "Non-Trusted Firmware content certificate public key",
		.data.key = BL33_KEY,
	},

	/* ---- Image hashes ---- */
	[BL2_HASH_EXT] = {
		.oid = BL2_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "TrustedBootFirmwareHash",
		.ln = "Trusted Boot Firmware (BL2) hash (SHA256)",
	},
	[BL30_HASH_EXT] = {
		.oid = BL30_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "SCPFirmwareHash",
		.ln = "SCP Firmware (BL30) hash (SHA256)",
	},
	[BL31_HASH_EXT] = {
		.oid = BL31_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "SoCAPFirmwareHash",
		.ln = "SoC AP Firmware (BL31) hash (SHA256)",
	},
	[BL32_HASH_EXT] = {
		.oid = BL32_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "TrustedOSHash",
		.ln = "Trusted OS (BL32) hash (SHA256)",
	},
	[BL33_HASH_EXT] = {
		.oid = BL33_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "NonTrustedWorldBootloaderHash",
		.ln = "Non-Trusted World (BL33) hash (SHA256)",
	},
};

/*
 * REGISTER_EXTENSIONS is defined outside this file.
 * NOTE(review): presumably it publishes tbb_ext and its element count to the
 * generic extension code - confirm against ext.h.
 */
REGISTER_EXTENSIONS(tbb_ext);