/*
 * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include <stdio.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>

/*
 * Exactly one of these headers is included, selected by USE_TBBR_DEFS.
 * Presumably it supplies the *_OID macros used in the table below; confirm
 * against the build configuration.
 */
#if USE_TBBR_DEFS
#include <tbbr_oid.h>
#else
#include <platform_oid.h>
#endif

#include "ext.h"
#include "tbbr/tbb_ext.h"
#include "tbbr/tbb_key.h"

/* TODO: get these values from the command line */
/*
 * NOTE(review): neither macro is referenced anywhere else in this file, and
 * both counter entries below declare a command-line option ("tfw-nvctr",
 * "ntfw-nvctr"), so the TODO and these defines look stale. Confirm nothing
 * reaches them through REGISTER_EXTENSIONS before removing them.
 */
#define TRUSTED_WORLD_NVCTR_VALUE	0
#define NORMAL_WORLD_NVCTR_VALUE	0

/*
 * Table of certificate extensions, one entry per *_EXT index.
 *
 * Fields used in this table:
 *   .oid              object identifier macro for the extension
 *   .opt / .help_msg  command-line option name and its help text; set on the
 *                     counter and hash entries, absent on public-key entries
 *   .sn / .ln         short and long names for the extension
 *   .asn1_type        V_ASN1_INTEGER for counters, V_ASN1_OCTET_STRING for
 *                     hashes and public keys
 *   .type             EXT_TYPE_NVCOUNTER, EXT_TYPE_HASH or EXT_TYPE_PKEY
 *   .attr             .nvctr_type for counter entries, .key for PKEY entries
 *   .optional         set to 1 on the three firmware-update hash entries only
 *
 * Designated initializers are used, so any index below the highest one that
 * is not listed here is zero-filled (NULL .oid, .sn and .ln).
 * NOTE(review): confirm the code that walks this table tolerates such gaps if
 * the *_EXT numbering is ever sparse.
 *
 * NOTE(review): the "(SHA256)" in the .ln strings is only a label in this
 * file; verify that the digest the tool actually computes matches it.
 */
static ext_t tbb_ext[] = {
	/*
	 * Non-volatile counter extensions.
	 * NOTE(review): these are presumably the values compared against the
	 * platform counters for anti-rollback; confirm that release builds
	 * always pass an explicit value through the option rather than
	 * relying on a default.
	 */
	[TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid = TRUSTED_FW_NVCOUNTER_OID,
		.opt = "tfw-nvctr",
		.help_msg = "Trusted Firmware Non-Volatile counter value",
		.sn = "TrustedWorldNVCounter",
		.ln = "Trusted World Non-Volatile counter",
		.asn1_type = V_ASN1_INTEGER,
		.type = EXT_TYPE_NVCOUNTER,
		.attr.nvctr_type = NVCTR_TYPE_TFW
	},
	[NON_TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid = NON_TRUSTED_FW_NVCOUNTER_OID,
		.opt = "ntfw-nvctr",
		.help_msg = "Non-Trusted Firmware Non-Volatile counter value",
		.sn = "NormalWorldNVCounter",
		.ln = "Non-Trusted Firmware Non-Volatile counter",
		.asn1_type = V_ASN1_INTEGER,
		.type = EXT_TYPE_NVCOUNTER,
		.attr.nvctr_type = NVCTR_TYPE_NTFW
	},
	/* Hash entry: the option takes an image file (see .help_msg). */
	[TRUSTED_BOOT_FW_HASH_EXT] = {
		.oid = TRUSTED_BOOT_FW_HASH_OID,
		.opt = "tb-fw",
		.help_msg = "Trusted Boot Firmware image file",
		.sn = "TrustedBootFirmwareHash",
		.ln = "Trusted Boot Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},
	/*
	 * Public-key entries have no command-line option of their own; the
	 * key is named by .attr.key (presumably an index into the key table
	 * declared via tbbr/tbb_key.h; confirm).
	 */
	[TRUSTED_WORLD_PK_EXT] = {
		.oid = TRUSTED_WORLD_PK_OID,
		.sn = "TrustedWorldPublicKey",
		.ln = "Trusted World Public Key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = TRUSTED_WORLD_KEY
	},
	[NON_TRUSTED_WORLD_PK_EXT] = {
		.oid = NON_TRUSTED_WORLD_PK_OID,
		.sn = "NonTrustedWorldPublicKey",
		.ln = "Non-Trusted World Public Key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = NON_TRUSTED_WORLD_KEY
	},
	[SCP_FW_CONTENT_CERT_PK_EXT] = {
		.oid = SCP_FW_CONTENT_CERT_PK_OID,
		.sn = "SCPFirmwareContentCertPK",
		.ln = "SCP Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = SCP_FW_CONTENT_CERT_KEY
	},
	[SCP_FW_HASH_EXT] = {
		.oid = SCP_FW_HASH_OID,
		.opt = "scp-fw",
		.help_msg = "SCP Firmware image file",
		.sn = "SCPFirmwareHash",
		.ln = "SCP Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},
	[SOC_FW_CONTENT_CERT_PK_EXT] = {
		.oid = SOC_FW_CONTENT_CERT_PK_OID,
		.sn = "SoCFirmwareContentCertPK",
		.ln = "SoC Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = SOC_FW_CONTENT_CERT_KEY
	},
	[SOC_AP_FW_HASH_EXT] = {
		.oid = SOC_AP_FW_HASH_OID,
		.opt = "soc-fw",
		.help_msg = "SoC AP Firmware image file",
		.sn = "SoCAPFirmwareHash",
		.ln = "SoC AP Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},
	[TRUSTED_OS_FW_CONTENT_CERT_PK_EXT] = {
		.oid = TRUSTED_OS_FW_CONTENT_CERT_PK_OID,
		.sn = "TrustedOSFirmwareContentCertPK",
		.ln = "Trusted OS Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = TRUSTED_OS_FW_CONTENT_CERT_KEY
	},
	[TRUSTED_OS_FW_HASH_EXT] = {
		.oid = TRUSTED_OS_FW_HASH_OID,
		.opt = "tos-fw",
		.help_msg = "Trusted OS image file",
		.sn = "TrustedOSHash",
		.ln = "Trusted OS hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},
	[NON_TRUSTED_FW_CONTENT_CERT_PK_EXT] = {
		.oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID,
		.sn = "NonTrustedFirmwareContentCertPK",
		.ln = "Non-Trusted Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = NON_TRUSTED_FW_CONTENT_CERT_KEY
	},
	/*
	 * NOTE(review): .ln omits "Bootloader" although .sn and .help_msg
	 * include it. The string is used at runtime, so check its consumers
	 * before aligning it.
	 */
	[NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT] = {
		.oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID,
		.opt = "nt-fw",
		.help_msg = "Non-Trusted World Bootloader image file",
		.sn = "NonTrustedWorldBootloaderHash",
		.ln = "Non-Trusted World hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},
	/*
	 * Firmware-update hash entries, the only ones with .optional = 1.
	 * NOTE(review): presumably the tool accepts a missing image for an
	 * optional entry; confirm what is written into the certificate in
	 * that case and that the verifier does not treat it as a valid
	 * measurement.
	 */
	[SCP_FWU_CFG_HASH_EXT] = {
		.oid = SCP_FWU_CFG_HASH_OID,
		.opt = "scp-fwu-cfg",
		.help_msg = "SCP Firmware Update Config image file",
		.sn = "SCPFWUpdateConfig",
		.ln = "SCP Firmware Update Config hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
		.optional = 1
	},
	[AP_FWU_CFG_HASH_EXT] = {
		.oid = AP_FWU_CFG_HASH_OID,
		.opt = "ap-fwu-cfg",
		.help_msg = "AP Firmware Update Config image file",
		.sn = "APFWUpdateConfig",
		.ln = "AP Firmware Update Config hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
		.optional = 1
	},
	[FWU_HASH_EXT] = {
		.oid = FWU_HASH_OID,
		.opt = "fwu",
		.help_msg = "Firmware Updater image file",
		.sn = "FWUpdaterHash",
		.ln = "Firmware Updater hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
		.optional = 1
	}
};

/*
 * Registers the table through REGISTER_EXTENSIONS, a macro defined outside
 * this file (presumably in ext.h; confirm).
 */
REGISTER_EXTENSIONS(tbb_ext);