/*
 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include <stdio.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
#include "ext.h"
#include "platform_oid.h"
#include "tbbr/tbb_ext.h"
#include "tbbr/tbb_key.h"

/* TODO: get these values from the command line */
/*
 * NOTE(review): neither macro is referenced anywhere in this file, while the
 * two NV counter entries below carry their own command-line options
 * ("tfw-nvctr" / "ntfw-nvctr"). The TODO above looks stale - confirm before
 * removing. These counters presumably back anti-rollback checks, so also
 * confirm which value ends up in a certificate when the option is omitted.
 */
#define TRUSTED_WORLD_NVCTR_VALUE	0
#define NORMAL_WORLD_NVCTR_VALUE	0

/*
 * Certificate extension descriptors, one per *_EXT index.
 *
 * Each entry names an OID, a short name (.sn) and long name (.ln), the ASN.1
 * type of the payload and the extension kind (.type). Three kinds appear:
 *
 *   EXT_TYPE_NVCOUNTER  V_ASN1_INTEGER payload; .attr.nvctr_type selects the
 *                       counter and .opt names the command-line option.
 *   EXT_TYPE_HASH       V_ASN1_OCTET_STRING payload; .opt names the option
 *                       whose help text asks for an image file.
 *   EXT_TYPE_PKEY       V_ASN1_OCTET_STRING payload; .attr.key names the key.
 *                       These entries define no .opt / .help_msg.
 *
 * NOTE(review): every hash entry's long name says "(SHA256)", but nothing in
 * this file selects the digest. Keep those strings in step with the algorithm
 * the tool actually computes, otherwise the certificate text misdescribes the
 * measurement.
 *
 * NOTE(review): the trusted counter's .sn/.ln say "Trusted World" and the
 * non-trusted counter's .sn says "NormalWorld", while the identifiers and help
 * text say "Trusted Firmware" / "Non-Trusted Firmware". The strings are
 * reproduced unchanged because they are emitted at runtime.
 */
static ext_t tbb_ext[] = {
	/* Non-volatile counters */
	[TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid = TRUSTED_FW_NVCOUNTER_OID,
		.opt = "tfw-nvctr",
		.help_msg = "Trusted Firmware Non-Volatile counter value",
		.sn = "TrustedWorldNVCounter",
		.ln = "Trusted World Non-Volatile counter",
		.asn1_type = V_ASN1_INTEGER,
		.type = EXT_TYPE_NVCOUNTER,
		.attr.nvctr_type = NVCTR_TYPE_TFW,
	},
	[NON_TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid = NON_TRUSTED_FW_NVCOUNTER_OID,
		.opt = "ntfw-nvctr",
		.help_msg = "Non-Trusted Firmware Non-Volatile counter value",
		.sn = "NormalWorldNVCounter",
		.ln = "Non-Trusted Firmware Non-Volatile counter",
		.asn1_type = V_ASN1_INTEGER,
		.type = EXT_TYPE_NVCOUNTER,
		.attr.nvctr_type = NVCTR_TYPE_NTFW,
	},

	/* Trusted Boot Firmware image hash */
	[TRUSTED_BOOT_FW_HASH_EXT] = {
		.oid = TRUSTED_BOOT_FW_HASH_OID,
		.opt = "tb-fw",
		.help_msg = "Trusted Boot Firmware image file",
		.sn = "TrustedBootFirmwareHash",
		.ln = "Trusted Boot Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
	},

	/* World public keys */
	[TRUSTED_WORLD_PK_EXT] = {
		.oid = TRUSTED_WORLD_PK_OID,
		.sn = "TrustedWorldPublicKey",
		.ln = "Trusted World Public Key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = TRUSTED_WORLD_KEY,
	},
	[NON_TRUSTED_WORLD_PK_EXT] = {
		.oid = NON_TRUSTED_WORLD_PK_OID,
		.sn = "NonTrustedWorldPublicKey",
		.ln = "Non-Trusted World Public Key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = NON_TRUSTED_WORLD_KEY,
	},

	/* SCP firmware: content certificate key, then image hash */
	[SCP_FW_CONTENT_CERT_PK_EXT] = {
		.oid = SCP_FW_CONTENT_CERT_PK_OID,
		.sn = "SCPFirmwareContentCertPK",
		.ln = "SCP Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = SCP_FW_CONTENT_CERT_KEY,
	},
	[SCP_FW_HASH_EXT] = {
		.oid = SCP_FW_HASH_OID,
		.opt = "scp-fw",
		.help_msg = "SCP Firmware image file",
		.sn = "SCPFirmwareHash",
		.ln = "SCP Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
	},

	/* SoC firmware: content certificate key, then image hash */
	[SOC_FW_CONTENT_CERT_PK_EXT] = {
		.oid = SOC_FW_CONTENT_CERT_PK_OID,
		.sn = "SoCFirmwareContentCertPK",
		.ln = "SoC Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = SOC_FW_CONTENT_CERT_KEY,
	},
	[SOC_AP_FW_HASH_EXT] = {
		.oid = SOC_AP_FW_HASH_OID,
		.opt = "soc-fw",
		.help_msg = "SoC AP Firmware image file",
		.sn = "SoCAPFirmwareHash",
		.ln = "SoC AP Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
	},

	/* Trusted OS firmware: content certificate key, then image hash */
	[TRUSTED_OS_FW_CONTENT_CERT_PK_EXT] = {
		.oid = TRUSTED_OS_FW_CONTENT_CERT_PK_OID,
		.sn = "TrustedOSFirmwareContentCertPK",
		.ln = "Trusted OS Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = TRUSTED_OS_FW_CONTENT_CERT_KEY,
	},
	[TRUSTED_OS_FW_HASH_EXT] = {
		.oid = TRUSTED_OS_FW_HASH_OID,
		.opt = "tos-fw",
		.help_msg = "Trusted OS image file",
		.sn = "TrustedOSHash",
		.ln = "Trusted OS hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
	},

	/* Non-trusted firmware: content certificate key, then image hash */
	[NON_TRUSTED_FW_CONTENT_CERT_PK_EXT] = {
		.oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID,
		.sn = "NonTrustedFirmwareContentCertPK",
		.ln = "Non-Trusted Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = NON_TRUSTED_FW_CONTENT_CERT_KEY,
	},
	[NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT] = {
		.oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID,
		.opt = "nt-fw",
		.help_msg = "Non-Trusted World Bootloader image file",
		.sn = "NonTrustedWorldBootloaderHash",
		.ln = "Non-Trusted World hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
	},

	/*
	 * Firmware update hashes. These are the only entries that set
	 * .optional; the flag's meaning is defined by its consumers, not here.
	 * NOTE(review): presumably the extension may be left out when no image
	 * is supplied - confirm that a missing optional hash cannot be mistaken
	 * for a verified one on the consuming side.
	 */
	[SCP_FWU_CFG_HASH_EXT] = {
		.oid = SCP_FWU_CFG_HASH_OID,
		.opt = "scp-fwu-cfg",
		.help_msg = "SCP Firmware Update Config image file",
		.sn = "SCPFWUpdateConfig",
		.ln = "SCP Firmware Update Config hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
		.optional = 1,
	},
	[AP_FWU_CFG_HASH_EXT] = {
		.oid = AP_FWU_CFG_HASH_OID,
		.opt = "ap-fwu-cfg",
		.help_msg = "AP Firmware Update Config image file",
		.sn = "APFWUpdateConfig",
		.ln = "AP Firmware Update Config hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
		.optional = 1,
	},
	[FWU_HASH_EXT] = {
		.oid = FWU_HASH_OID,
		.opt = "fwu",
		.help_msg = "Firmware Updater image file",
		.sn = "FWUpdaterHash",
		.ln = "Firmware Updater hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
		.optional = 1,
	},
};

/* Hand the table to the registration macro (defined outside this file). */
REGISTER_EXTENSIONS(tbb_ext);