155e291a4SJuan Castillo /*
255e291a4SJuan Castillo  * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
355e291a4SJuan Castillo  *
455e291a4SJuan Castillo  * Redistribution and use in source and binary forms, with or without
555e291a4SJuan Castillo  * modification, are permitted provided that the following conditions are met:
655e291a4SJuan Castillo  *
755e291a4SJuan Castillo  * Redistributions of source code must retain the above copyright notice, this
855e291a4SJuan Castillo  * list of conditions and the following disclaimer.
955e291a4SJuan Castillo  *
1055e291a4SJuan Castillo  * Redistributions in binary form must reproduce the above copyright notice,
1155e291a4SJuan Castillo  * this list of conditions and the following disclaimer in the documentation
1255e291a4SJuan Castillo  * and/or other materials provided with the distribution.
1355e291a4SJuan Castillo  *
1455e291a4SJuan Castillo  * Neither the name of ARM nor the names of its contributors may be used
1555e291a4SJuan Castillo  * to endorse or promote products derived from this software without specific
1655e291a4SJuan Castillo  * prior written permission.
1755e291a4SJuan Castillo  *
1855e291a4SJuan Castillo  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
1955e291a4SJuan Castillo  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
2055e291a4SJuan Castillo  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2155e291a4SJuan Castillo  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
2255e291a4SJuan Castillo  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
2355e291a4SJuan Castillo  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
2455e291a4SJuan Castillo  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
2555e291a4SJuan Castillo  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
2655e291a4SJuan Castillo  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
2755e291a4SJuan Castillo  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
2855e291a4SJuan Castillo  * POSSIBILITY OF SUCH DAMAGE.
2955e291a4SJuan Castillo  */
3055e291a4SJuan Castillo 
3155e291a4SJuan Castillo #include <stdio.h>
3255e291a4SJuan Castillo #include <string.h>
3355e291a4SJuan Castillo #include <openssl/err.h>
3455e291a4SJuan Castillo #include <openssl/x509v3.h>
3555e291a4SJuan Castillo #include "ext.h"
3655e291a4SJuan Castillo #include "platform_oid.h"
3755e291a4SJuan Castillo #include "tbbr/tbb_ext.h"
3855e291a4SJuan Castillo #include "tbbr/tbb_key.h"
3955e291a4SJuan Castillo 
/*
 * TODO: get these values from the command line
 *
 * NOTE(review): neither macro is referenced by name anywhere else in this
 * file, while the two NV counter entries in tbb_ext[] declare the
 * "tfw-nvctr" and "ntfw-nvctr" options. These constants therefore look
 * stale - confirm nothing still falls back to them. A counter value fixed
 * at 0 would presumably never advance the platform's rollback counter, so a
 * silent default here deserves a check before release signing.
 */
#define TRUSTED_WORLD_NVCTR_VALUE	0
#define NORMAL_WORLD_NVCTR_VALUE	0
4355e291a4SJuan Castillo 
/*
 * Certificate extension descriptors, indexed by the *_EXT identifiers.
 *
 * Three kinds of entry appear in this table:
 *
 *  - EXT_TYPE_NVCOUNTER: encoded as V_ASN1_INTEGER. Each entry names a
 *    command line option (.opt) for the counter value and tags the counter
 *    through .attr.nvctr_type.
 *  - EXT_TYPE_HASH: encoded as V_ASN1_OCTET_STRING. According to .help_msg
 *    the option names an image file; the long name describes the content as
 *    a SHA256 hash of it.
 *  - EXT_TYPE_PKEY: encoded as V_ASN1_OCTET_STRING. These entries have no
 *    option of their own and point at a key through .attr.key.
 *
 * Entries that set .optional = 1 are the firmware update images.
 *
 * NOTE(review): the long names state "SHA256", but the digest is computed
 * outside this file; keep the strings and the algorithm in sync if the
 * digest ever becomes configurable.
 * NOTE(review): the NV counter values are presumably what the boot-time
 * rollback check compares against - confirm that the option parser rejects a
 * missing or non-numeric value instead of defaulting silently.
 * NOTE(review): presumably an .optional entry with no image given is left
 * out of the certificate - confirm the verifying side expects that.
 */
static ext_t tbb_ext[] = {
	/* Non-volatile counters */
	[TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid = TRUSTED_FW_NVCOUNTER_OID,
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.attr.nvctr_type = NVCTR_TYPE_TFW,
		.sn = "TrustedWorldNVCounter",
		.ln = "Trusted World Non-Volatile counter",
		.opt = "tfw-nvctr",
		.help_msg = "Trusted Firmware Non-Volatile counter value",
	},
	[NON_TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid = NON_TRUSTED_FW_NVCOUNTER_OID,
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.attr.nvctr_type = NVCTR_TYPE_NTFW,
		.sn = "NormalWorldNVCounter",
		.ln = "Non-Trusted Firmware Non-Volatile counter",
		.opt = "ntfw-nvctr",
		.help_msg = "Non-Trusted Firmware Non-Volatile counter value",
	},

	/* Trusted Boot Firmware image hash */
	[TRUSTED_BOOT_FW_HASH_EXT] = {
		.oid = TRUSTED_BOOT_FW_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "TrustedBootFirmwareHash",
		.ln = "Trusted Boot Firmware hash (SHA256)",
		.opt = "tb-fw",
		.help_msg = "Trusted Boot Firmware image file",
	},

	/* Trusted and Non-Trusted World public keys */
	[TRUSTED_WORLD_PK_EXT] = {
		.oid = TRUSTED_WORLD_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.attr.key = TRUSTED_WORLD_KEY,
		.sn = "TrustedWorldPublicKey",
		.ln = "Trusted World Public Key",
	},
	[NON_TRUSTED_WORLD_PK_EXT] = {
		.oid = NON_TRUSTED_WORLD_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.attr.key = NON_TRUSTED_WORLD_KEY,
		.sn = "NonTrustedWorldPublicKey",
		.ln = "Non-Trusted World Public Key",
	},

	/* SCP firmware: content certificate key, then image hash */
	[SCP_FW_CONTENT_CERT_PK_EXT] = {
		.oid = SCP_FW_CONTENT_CERT_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.attr.key = SCP_FW_CONTENT_CERT_KEY,
		.sn = "SCPFirmwareContentCertPK",
		.ln = "SCP Firmware content certificate public key",
	},
	[SCP_FW_HASH_EXT] = {
		.oid = SCP_FW_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "SCPFirmwareHash",
		.ln = "SCP Firmware hash (SHA256)",
		.opt = "scp-fw",
		.help_msg = "SCP Firmware image file",
	},

	/* SoC firmware: content certificate key, then image hash */
	[SOC_FW_CONTENT_CERT_PK_EXT] = {
		.oid = SOC_FW_CONTENT_CERT_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.attr.key = SOC_FW_CONTENT_CERT_KEY,
		.sn = "SoCFirmwareContentCertPK",
		.ln = "SoC Firmware content certificate public key",
	},
	[SOC_AP_FW_HASH_EXT] = {
		.oid = SOC_AP_FW_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "SoCAPFirmwareHash",
		.ln = "SoC AP Firmware hash (SHA256)",
		.opt = "soc-fw",
		.help_msg = "SoC AP Firmware image file",
	},

	/* Trusted OS firmware: content certificate key, then image hash */
	[TRUSTED_OS_FW_CONTENT_CERT_PK_EXT] = {
		.oid = TRUSTED_OS_FW_CONTENT_CERT_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.attr.key = TRUSTED_OS_FW_CONTENT_CERT_KEY,
		.sn = "TrustedOSFirmwareContentCertPK",
		.ln = "Trusted OS Firmware content certificate public key",
	},
	[TRUSTED_OS_FW_HASH_EXT] = {
		.oid = TRUSTED_OS_FW_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "TrustedOSHash",
		.ln = "Trusted OS hash (SHA256)",
		.opt = "tos-fw",
		.help_msg = "Trusted OS image file",
	},

	/* Non-Trusted firmware: content certificate key, then image hash */
	[NON_TRUSTED_FW_CONTENT_CERT_PK_EXT] = {
		.oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID,
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.attr.key = NON_TRUSTED_FW_CONTENT_CERT_KEY,
		.sn = "NonTrustedFirmwareContentCertPK",
		.ln = "Non-Trusted Firmware content certificate public key",
	},
	[NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT] = {
		.oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "NonTrustedWorldBootloaderHash",
		.ln = "Non-Trusted World hash (SHA256)",
		.opt = "nt-fw",
		.help_msg = "Non-Trusted World Bootloader image file",
	},

	/* Firmware update images: every entry below sets .optional */
	[SCP_FWU_CFG_HASH_EXT] = {
		.oid = SCP_FWU_CFG_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "SCPFWUpdateConfig",
		.ln = "SCP Firmware Update Config hash (SHA256)",
		.opt = "scp-fwu-cfg",
		.help_msg = "SCP Firmware Update Config image file",
		.optional = 1,
	},
	[AP_FWU_CFG_HASH_EXT] = {
		.oid = AP_FWU_CFG_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "APFWUpdateConfig",
		.ln = "AP Firmware Update Config hash (SHA256)",
		.opt = "ap-fwu-cfg",
		.help_msg = "AP Firmware Update Config image file",
		.optional = 1,
	},
	[FWU_HASH_EXT] = {
		.oid = FWU_HASH_OID,
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.sn = "FWUpdaterHash",
		.ln = "Firmware Updater hash (SHA256)",
		.opt = "fwu",
		.help_msg = "Firmware Updater image file",
		.optional = 1,
	},
};

/*
 * REGISTER_EXTENSIONS is defined outside this file; presumably it hands the
 * table (and its element count) to the generic extension code - confirm
 * against its definition.
 */
REGISTER_EXTENSIONS(tbb_ext);