/*
 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include <stdio.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
#include "ext.h"
#include "platform_oid.h"
#include "tbbr/tbb_ext.h"
#include "tbbr/tbb_key.h"

/* TODO: get these values from the command line */
/*
 * NOTE(review): neither macro is referenced in this file, and both NV counter
 * entries below already declare a command-line option ("tfw-nvctr",
 * "ntfw-nvctr"). The TODO looks stale - confirm no other code depends on these
 * before removing them. If they ever serve as defaults, a counter of 0 is the
 * lowest possible value, so make sure release builds pass real counter values.
 */
#define TRUSTED_WORLD_NVCTR_VALUE	0
#define NORMAL_WORLD_NVCTR_VALUE	0

/*
 * Table of certificate extensions known to the tool, indexed by the *_EXT
 * identifiers (declared outside this file, presumably in tbbr/tbb_ext.h).
 *
 * Each entry gives the extension OID, its short and long names, the ASN.1
 * type of its value and the extension type. Three extension types appear:
 *
 *   EXT_TYPE_NVCOUNTER  V_ASN1_INTEGER; has .opt/.help_msg for the counter
 *                       value and .attr.nvctr_type to select the counter.
 *   EXT_TYPE_HASH       V_ASN1_OCTET_STRING; .opt names the image file the
 *                       hash is taken from.
 *   EXT_TYPE_PKEY       V_ASN1_OCTET_STRING; no .opt, the key is selected by
 *                       .attr.key (a *_KEY identifier, presumably from
 *                       tbbr/tbb_key.h).
 *
 * NOTE(review): every hash entry's long name hard-codes "(SHA256)". If the
 * digest algorithm can be chosen elsewhere in the tool, these labels would no
 * longer describe the embedded value - confirm.
 */
static ext_t tbb_ext[] = {
	/* Non-volatile counter extensions; values are supplied via .opt. */
	[TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid = TRUSTED_FW_NVCOUNTER_OID,
		.opt = "tfw-nvctr",
		.help_msg = "Trusted Firmware Non-Volatile counter value",
		.sn = "TrustedWorldNVCounter",
		.ln = "Trusted World Non-Volatile counter",
		.asn1_type = V_ASN1_INTEGER,
		.type = EXT_TYPE_NVCOUNTER,
		.attr.nvctr_type = NVCTR_TYPE_TFW
	},
	[NON_TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid = NON_TRUSTED_FW_NVCOUNTER_OID,
		.opt = "ntfw-nvctr",
		.help_msg = "Non-Trusted Firmware Non-Volatile counter value",
		.sn = "NormalWorldNVCounter",
		.ln = "Non-Trusted Firmware Non-Volatile counter",
		.asn1_type = V_ASN1_INTEGER,
		.type = EXT_TYPE_NVCOUNTER,
		.attr.nvctr_type = NVCTR_TYPE_NTFW
	},

	/* Trusted Boot Firmware image hash. */
	[TRUSTED_BOOT_FW_HASH_EXT] = {
		.oid = TRUSTED_BOOT_FW_HASH_OID,
		.opt = "tb-fw",
		.help_msg = "Trusted Boot Firmware image file",
		.sn = "TrustedBootFirmwareHash",
		.ln = "Trusted Boot Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},

	/* Trusted World and Non-Trusted World public keys. */
	[TRUSTED_WORLD_PK_EXT] = {
		.oid = TRUSTED_WORLD_PK_OID,
		.sn = "TrustedWorldPublicKey",
		.ln = "Trusted World Public Key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = TRUSTED_WORLD_KEY
	},
	[NON_TRUSTED_WORLD_PK_EXT] = {
		.oid = NON_TRUSTED_WORLD_PK_OID,
		.sn = "NonTrustedWorldPublicKey",
		.ln = "Non-Trusted World Public Key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = NON_TRUSTED_WORLD_KEY
	},

	/* SCP firmware: content certificate key, then image hash. */
	[SCP_FW_CONTENT_CERT_PK_EXT] = {
		.oid = SCP_FW_CONTENT_CERT_PK_OID,
		.sn = "SCPFirmwareContentCertPK",
		.ln = "SCP Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = SCP_FW_CONTENT_CERT_KEY
	},
	[SCP_FW_HASH_EXT] = {
		.oid = SCP_FW_HASH_OID,
		.opt = "scp-fw",
		.help_msg = "SCP Firmware image file",
		.sn = "SCPFirmwareHash",
		.ln = "SCP Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},

	/* SoC firmware: content certificate key, then AP image hash. */
	[SOC_FW_CONTENT_CERT_PK_EXT] = {
		.oid = SOC_FW_CONTENT_CERT_PK_OID,
		.sn = "SoCFirmwareContentCertPK",
		.ln = "SoC Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = SOC_FW_CONTENT_CERT_KEY
	},
	[SOC_AP_FW_HASH_EXT] = {
		.oid = SOC_AP_FW_HASH_OID,
		.opt = "soc-fw",
		.help_msg = "SoC AP Firmware image file",
		.sn = "SoCAPFirmwareHash",
		.ln = "SoC AP Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},

	/* Trusted OS firmware: content certificate key, then image hash. */
	[TRUSTED_OS_FW_CONTENT_CERT_PK_EXT] = {
		.oid = TRUSTED_OS_FW_CONTENT_CERT_PK_OID,
		.sn = "TrustedOSFirmwareContentCertPK",
		.ln = "Trusted OS Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = TRUSTED_OS_FW_CONTENT_CERT_KEY
	},
	[TRUSTED_OS_FW_HASH_EXT] = {
		.oid = TRUSTED_OS_FW_HASH_OID,
		.opt = "tos-fw",
		.help_msg = "Trusted OS image file",
		.sn = "TrustedOSHash",
		.ln = "Trusted OS hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},

	/* Non-Trusted firmware: content certificate key, then bootloader hash. */
	[NON_TRUSTED_FW_CONTENT_CERT_PK_EXT] = {
		.oid = NON_TRUSTED_FW_CONTENT_CERT_PK_OID,
		.sn = "NonTrustedFirmwareContentCertPK",
		.ln = "Non-Trusted Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_PKEY,
		.attr.key = NON_TRUSTED_FW_CONTENT_CERT_KEY
	},
	[NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT] = {
		.oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID,
		.opt = "nt-fw",
		.help_msg = "Non-Trusted World Bootloader image file",
		.sn = "NonTrustedWorldBootloaderHash",
		.ln = "Non-Trusted World hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH
	},

	/*
	 * Firmware update hashes. These are the only entries with .optional
	 * set; presumably the extension may be left out when no image is
	 * given - confirm against the ext_t handling in ext.h.
	 */
	[SCP_FWU_CFG_HASH_EXT] = {
		.oid = SCP_FWU_CFG_HASH_OID,
		.opt = "scp-fwu-cfg",
		.help_msg = "SCP Firmware Update Config image file",
		.sn = "SCPFWUpdateConfig",
		.ln = "SCP Firmware Update Config hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
		.optional = 1
	},
	[AP_FWU_CFG_HASH_EXT] = {
		.oid = AP_FWU_CFG_HASH_OID,
		.opt = "ap-fwu-cfg",
		.help_msg = "AP Firmware Update Config image file",
		.sn = "APFWUpdateConfig",
		.ln = "AP Firmware Update Config hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
		.optional = 1
	},
	[FWU_HASH_EXT] = {
		.oid = FWU_HASH_OID,
		.opt = "fwu",
		.help_msg = "Firmware Updater image file",
		.sn = "FWUpdaterHash",
		.ln = "Firmware Updater hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type = EXT_TYPE_HASH,
		.optional = 1
	}
};

/* Hand the table to the tool via the macro from the project headers. */
REGISTER_EXTENSIONS(tbb_ext);