/*
 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice, this
 * list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of ARM nor the names of its contributors may be used
 * to endorse or promote products derived from this software without specific
 * prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
30
31#include <stdio.h>
32#include <string.h>
33#include <openssl/err.h>
34#include <openssl/x509v3.h>
35#include "ext.h"
36#include "platform_oid.h"
Juan Castillo55e291a2015-06-12 11:27:59 +010037#include "tbbr/tbb_ext.h"
38#include "tbbr/tbb_key.h"
Juan Castillo6f971622014-10-21 11:30:42 +010039
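/*
 * Non-volatile counter values placed in the NV counter extensions of the
 * generated certificates.
 *
 * TODO: get these values from the command line.
 *
 * NOTE(review): both values default to 0. These counters look like the
 * anti-rollback values that the verifying firmware compares against the
 * platform's NV counters (confirm against the verification code). While
 * every build emits 0 the counter can never be advanced, so an older signed
 * image would not be rejected on counter grounds. Until the command-line
 * option exists, a build can override the defaults, for example with
 * -DTRUSTED_WORLD_NVCTR_VALUE=<n>.
 */
#ifndef TRUSTED_WORLD_NVCTR_VALUE
#define TRUSTED_WORLD_NVCTR_VALUE	0
#endif
#ifndef NORMAL_WORLD_NVCTR_VALUE
#define NORMAL_WORLD_NVCTR_VALUE	0
#endif

/* A negative counter is never meaningful; catch a bad override at build time. */
#if (TRUSTED_WORLD_NVCTR_VALUE < 0) || (NORMAL_WORLD_NVCTR_VALUE < 0)
#error "NV counter values must be non-negative"
#endif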
43
/*
 * Certificate extensions used by the Trusted Board Boot chain of trust.
 * Each slot is selected by its *_EXT index and described by:
 *   .type       payload kind (NV counter, hash or public key)
 *   .asn1_type  ASN.1 encoding of the value
 *   .oid        object identifier of the extension
 *   .sn / .ln   short and long names
 *   .data       payload selector; only counters and keys set it here
 *
 * Hash entries carry no .data initialiser in this table; presumably the
 * digest is supplied later by the tool (confirm in the caller).
 *
 * NOTE(review): the long names state "SHA256". If the digest algorithm is
 * ever made selectable, these strings must be kept in step with it so that
 * the certificate does not misdescribe its contents.
 */
static ext_t tbb_ext[] = {
	/* ---- Non-volatile counters ---- */
	[TZ_FW_NVCOUNTER_EXT] = {
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.oid = TZ_FW_NVCOUNTER_OID,
		.sn = "TrustedWorldNVCounter",
		.ln = "Trusted World Non-Volatile counter",
		.data.nvcounter = TRUSTED_WORLD_NVCTR_VALUE,
	},
	[NTZ_FW_NVCOUNTER_EXT] = {
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.oid = NTZ_FW_NVCOUNTER_OID,
		.sn = "NormalWorldNVCounter",
		.ln = "Normal World Non-Volatile counter",
		.data.nvcounter = NORMAL_WORLD_NVCTR_VALUE,
	},

	/* ---- Trusted Boot Firmware (BL2) ---- */
	[BL2_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL2_HASH_OID,
		.sn = "TrustedBootFirmwareHash",
		.ln = "Trusted Boot Firmware (BL2) hash (SHA256)",
	},

	/* ---- World public keys ---- */
	[TZ_WORLD_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = TZ_WORLD_PK_OID,
		.sn = "TrustedWorldPublicKey",
		.ln = "Trusted World Public Key",
		.data.key = TRUSTED_WORLD_KEY,
	},
	[NTZ_WORLD_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = NTZ_WORLD_PK_OID,
		.sn = "NonTrustedWorldPublicKey",
		.ln = "Non-Trusted World Public Key",
		.data.key = NON_TRUSTED_WORLD_KEY,
	},

	/* ---- SCP Firmware (BL30): content certificate key, image hash ---- */
	[BL30_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL30_CONTENT_CERT_PK_OID,
		.sn = "SCPFirmwareContentCertPK",
		.ln = "SCP Firmware content certificate public key",
		.data.key = BL30_KEY,
	},
	[BL30_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL30_HASH_OID,
		.sn = "SCPFirmwareHash",
		.ln = "SCP Firmware (BL30) hash (SHA256)",
	},

	/* ---- SoC AP Firmware (BL31): content certificate key, image hash ---- */
	[BL31_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL31_CONTENT_CERT_PK_OID,
		.sn = "SoCFirmwareContentCertPK",
		.ln = "SoC Firmware content certificate public key",
		.data.key = BL31_KEY,
	},
	[BL31_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL31_HASH_OID,
		.sn = "SoCAPFirmwareHash",
		.ln = "SoC AP Firmware (BL31) hash (SHA256)",
	},

	/* ---- Trusted OS (BL32): content certificate key, image hash ---- */
	[BL32_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL32_CONTENT_CERT_PK_OID,
		.sn = "TrustedOSFirmwareContentCertPK",
		.ln = "Trusted OS Firmware content certificate public key",
		.data.key = BL32_KEY,
	},
	[BL32_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL32_HASH_OID,
		.sn = "TrustedOSHash",
		.ln = "Trusted OS (BL32) hash (SHA256)",
	},

	/* ---- Non-Trusted Firmware (BL33): content certificate key, image hash ---- */
	[BL33_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL33_CONTENT_CERT_PK_OID,
		.sn = "NonTrustedFirmwareContentCertPK",
		.ln = "Non-Trusted Firmware content certificate public key",
		.data.key = BL33_KEY,
	},
	[BL33_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL33_HASH_OID,
		.sn = "NonTrustedWorldBootloaderHash",
		.ln = "Non-Trusted World (BL33) hash (SHA256)",
	},
};

/* Hand the table to the extension framework (macro defined outside this file). */
REGISTER_EXTENSIONS(tbb_ext);