/*
 * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include <stdio.h>
#include <string.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>

/*
 * The *_OID macros used below come from one of these two headers. With
 * platform_oid.h the values are supplied by the platform.
 * NOTE(review): the OIDs written into the certificates presumably have to
 * match the ones the verifying firmware looks up - confirm for platform
 * builds.
 */
#if USE_TBBR_DEFS
#include <tbbr_oid.h>
#else
#include <platform_oid.h>
#endif

#include "ext.h"
#include "tbbr/tbb_ext.h"
#include "tbbr/tbb_key.h"

/*
 * Descriptors for the X.509 v3 extensions of the TBBR certificates.
 *
 * The array is indexed by the *_EXT enumerators through designated
 * initializers, so the position of an entry in this file has no effect on
 * its index.
 *
 * Fields set in this table:
 *   .oid        object identifier macro (see the OID header selected above)
 *   .sn, .ln    short and long name strings
 *   .opt        option name; set on counter and hash entries only
 *   .help_msg   help text paired with .opt
 *   .asn1_type  V_ASN1_INTEGER for counters, V_ASN1_OCTET_STRING otherwise
 *   .type       EXT_TYPE_NVCOUNTER, EXT_TYPE_HASH or EXT_TYPE_PKEY
 *   .attr       .nvctr_type on counter entries, .key on public key entries
 *   .optional   1 on some hash entries; entries that omit it get 0 from
 *               the usual zero-initialization of unnamed members
 *
 * NOTE(review): several long names end in "(SHA256)". That text is a label
 * only; nothing in this table selects a digest algorithm. If the tool can
 * be run with another digest the label is misleading - confirm against the
 * code that computes the hash.
 *
 * NOTE(review): public key entries carry no .opt, so presumably their value
 * is taken from the key named by .attr.key rather than from an option -
 * confirm against the code that consumes ext_t.
 *
 * NOTE(review): what happens to an .optional hash entry whose option is
 * not given is decided outside this file. Confirm that the verifier does
 * not treat a missing hash extension as permission to load an
 * unauthenticated image.
 */
static ext_t tbb_ext[] = {
	/* Non-volatile counter values, encoded as ASN.1 INTEGER */
	[TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid             = TRUSTED_FW_NVCOUNTER_OID,
		.opt             = "tfw-nvctr",
		.help_msg        = "Trusted Firmware Non-Volatile counter value",
		.sn              = "TrustedWorldNVCounter",
		.ln              = "Trusted World Non-Volatile counter",
		.asn1_type       = V_ASN1_INTEGER,
		.type            = EXT_TYPE_NVCOUNTER,
		.attr.nvctr_type = NVCTR_TYPE_TFW,
	},
	[NON_TRUSTED_FW_NVCOUNTER_EXT] = {
		.oid             = NON_TRUSTED_FW_NVCOUNTER_OID,
		.opt             = "ntfw-nvctr",
		.help_msg        = "Non-Trusted Firmware Non-Volatile counter value",
		.sn              = "NormalWorldNVCounter",
		.ln              = "Non-Trusted Firmware Non-Volatile counter",
		.asn1_type       = V_ASN1_INTEGER,
		.type            = EXT_TYPE_NVCOUNTER,
		.attr.nvctr_type = NVCTR_TYPE_NTFW,
	},

	/* Trusted Boot Firmware and hardware configuration hashes */
	[TRUSTED_BOOT_FW_HASH_EXT] = {
		.oid       = TRUSTED_BOOT_FW_HASH_OID,
		.opt       = "tb-fw",
		.help_msg  = "Trusted Boot Firmware image file",
		.sn        = "TrustedBootFirmwareHash",
		.ln        = "Trusted Boot Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
	},
	[TRUSTED_BOOT_FW_CONFIG_HASH_EXT] = {
		.oid       = TRUSTED_BOOT_FW_CONFIG_HASH_OID,
		.opt       = "tb-fw-config",
		.help_msg  = "Trusted Boot Firmware Config file",
		.sn        = "TrustedBootFirmwareConfigHash",
		.ln        = "Trusted Boot Firmware Config hash",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},
	[HW_CONFIG_HASH_EXT] = {
		.oid       = HW_CONFIG_HASH_OID,
		.opt       = "hw-config",
		.help_msg  = "HW Config file",
		.sn        = "HWConfigHash",
		.ln        = "HW Config hash",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},

	/* Trusted and Non-Trusted World public keys */
	[TRUSTED_WORLD_PK_EXT] = {
		.oid       = TRUSTED_WORLD_PK_OID,
		.sn        = "TrustedWorldPublicKey",
		.ln        = "Trusted World Public Key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_PKEY,
		.attr.key  = TRUSTED_WORLD_KEY,
	},
	[NON_TRUSTED_WORLD_PK_EXT] = {
		.oid       = NON_TRUSTED_WORLD_PK_OID,
		.sn        = "NonTrustedWorldPublicKey",
		.ln        = "Non-Trusted World Public Key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_PKEY,
		.attr.key  = NON_TRUSTED_WORLD_KEY,
	},

	/* SCP firmware: content certificate key and image hash */
	[SCP_FW_CONTENT_CERT_PK_EXT] = {
		.oid       = SCP_FW_CONTENT_CERT_PK_OID,
		.sn        = "SCPFirmwareContentCertPK",
		.ln        = "SCP Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_PKEY,
		.attr.key  = SCP_FW_CONTENT_CERT_KEY,
	},
	[SCP_FW_HASH_EXT] = {
		.oid       = SCP_FW_HASH_OID,
		.opt       = "scp-fw",
		.help_msg  = "SCP Firmware image file",
		.sn        = "SCPFirmwareHash",
		.ln        = "SCP Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
	},

	/* SoC firmware: content certificate key, image and config hashes */
	[SOC_FW_CONTENT_CERT_PK_EXT] = {
		.oid       = SOC_FW_CONTENT_CERT_PK_OID,
		.sn        = "SoCFirmwareContentCertPK",
		.ln        = "SoC Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_PKEY,
		.attr.key  = SOC_FW_CONTENT_CERT_KEY,
	},
	[SOC_AP_FW_HASH_EXT] = {
		.oid       = SOC_AP_FW_HASH_OID,
		.opt       = "soc-fw",
		.help_msg  = "SoC AP Firmware image file",
		.sn        = "SoCAPFirmwareHash",
		.ln        = "SoC AP Firmware hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
	},
	[SOC_FW_CONFIG_HASH_EXT] = {
		.oid       = SOC_FW_CONFIG_HASH_OID,
		.opt       = "soc-fw-config",
		.help_msg  = "SoC Firmware Config file",
		/*
		 * Spelled "Soc", unlike the "SoC..." short names of the two
		 * entries above. Kept as is: the string is runtime data.
		 */
		.sn        = "SocFirmwareConfigHash",
		.ln        = "SoC Firmware Config hash",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},

	/* Trusted OS: content certificate key, image, extra and config hashes */
	[TRUSTED_OS_FW_CONTENT_CERT_PK_EXT] = {
		.oid       = TRUSTED_OS_FW_CONTENT_CERT_PK_OID,
		.sn        = "TrustedOSFirmwareContentCertPK",
		.ln        = "Trusted OS Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_PKEY,
		.attr.key  = TRUSTED_OS_FW_CONTENT_CERT_KEY,
	},
	[TRUSTED_OS_FW_HASH_EXT] = {
		.oid       = TRUSTED_OS_FW_HASH_OID,
		.opt       = "tos-fw",
		.help_msg  = "Trusted OS image file",
		.sn        = "TrustedOSHash",
		.ln        = "Trusted OS hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
	},
	[TRUSTED_OS_FW_EXTRA1_HASH_EXT] = {
		.oid       = TRUSTED_OS_FW_EXTRA1_HASH_OID,
		.opt       = "tos-fw-extra1",
		.help_msg  = "Trusted OS Extra1 image file",
		.sn        = "TrustedOSExtra1Hash",
		.ln        = "Trusted OS Extra1 hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},
	[TRUSTED_OS_FW_EXTRA2_HASH_EXT] = {
		.oid       = TRUSTED_OS_FW_EXTRA2_HASH_OID,
		.opt       = "tos-fw-extra2",
		.help_msg  = "Trusted OS Extra2 image file",
		.sn        = "TrustedOSExtra2Hash",
		.ln        = "Trusted OS Extra2 hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},
	[TRUSTED_OS_FW_CONFIG_HASH_EXT] = {
		.oid       = TRUSTED_OS_FW_CONFIG_HASH_OID,
		.opt       = "tos-fw-config",
		.help_msg  = "Trusted OS Firmware Config file",
		.sn        = "TrustedOSFirmwareConfigHash",
		.ln        = "Trusted OS Firmware Config hash",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},

	/* Non-Trusted firmware: content certificate key, image and config hashes */
	[NON_TRUSTED_FW_CONTENT_CERT_PK_EXT] = {
		.oid       = NON_TRUSTED_FW_CONTENT_CERT_PK_OID,
		.sn        = "NonTrustedFirmwareContentCertPK",
		.ln        = "Non-Trusted Firmware content certificate public key",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_PKEY,
		.attr.key  = NON_TRUSTED_FW_CONTENT_CERT_KEY,
	},
	[NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT] = {
		.oid       = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID,
		.opt       = "nt-fw",
		.help_msg  = "Non-Trusted World Bootloader image file",
		.sn        = "NonTrustedWorldBootloaderHash",
		.ln        = "Non-Trusted World hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
	},
	[NON_TRUSTED_FW_CONFIG_HASH_EXT] = {
		.oid       = NON_TRUSTED_FW_CONFIG_HASH_OID,
		.opt       = "nt-fw-config",
		.help_msg  = "Non Trusted OS Firmware Config file",
		.sn        = "NonTrustedOSFirmwareConfigHash",
		.ln        = "Non-Trusted OS Firmware Config hash",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},

	/* Firmware update: SCP and AP update config hashes, updater image hash */
	[SCP_FWU_CFG_HASH_EXT] = {
		.oid       = SCP_FWU_CFG_HASH_OID,
		.opt       = "scp-fwu-cfg",
		.help_msg  = "SCP Firmware Update Config image file",
		.sn        = "SCPFWUpdateConfig",
		.ln        = "SCP Firmware Update Config hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},
	[AP_FWU_CFG_HASH_EXT] = {
		.oid       = AP_FWU_CFG_HASH_OID,
		.opt       = "ap-fwu-cfg",
		.help_msg  = "AP Firmware Update Config image file",
		.sn        = "APFWUpdateConfig",
		.ln        = "AP Firmware Update Config hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},
	[FWU_HASH_EXT] = {
		.oid       = FWU_HASH_OID,
		.opt       = "fwu",
		.help_msg  = "Firmware Updater image file",
		.sn        = "FWUpdaterHash",
		.ln        = "Firmware Updater hash (SHA256)",
		.asn1_type = V_ASN1_OCTET_STRING,
		.type      = EXT_TYPE_HASH,
		.optional  = 1,
	},
};

/*
 * Hands the table to the rest of the tool. The macro is not defined in this
 * file (presumably in ext.h - confirm).
 */
REGISTER_EXTENSIONS(tbb_ext);