andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

cert_tool: Update cert_tool for fw_config image support 

Updated cert_tool to add hash information of fw_config image into
the existing "trusted boot fw" certificate.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I720319225925806a2a9f50a1ac9c8a464be975f0
This commit is contained in:
Manish V Badarkhe 2020-06-11 21:08:45 +01:00
parent ce10f9f462
commit 9b3ca9b120
6 changed files with 34 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
include/tools_share/tbbr_oid.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -43,6 +43,7 @@
#define TRUSTED_BOOT_FW_HASH_OID "1.3.6.1.4.1.4128.2100.201"
#define TRUSTED_BOOT_FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.202"
#define HW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.203"
#define FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.204"
/*
* Trusted Key Certificate

1
tools/cert_create/include/dualroot/cot.h
View File

@ -32,6 +32,7 @@ enum {
TRUSTED_BOOT_FW_HASH_EXT,
TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
HW_CONFIG_HASH_EXT,
FW_CONFIG_HASH_EXT,
TRUSTED_WORLD_PK_EXT,
SCP_FW_CONTENT_CERT_PK_EXT,
SCP_FW_HASH_EXT,

3
tools/cert_create/include/tbbr/tbb_ext.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -15,6 +15,7 @@ enum {
TRUSTED_BOOT_FW_HASH_EXT,
TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
HW_CONFIG_HASH_EXT,
FW_CONFIG_HASH_EXT,
TRUSTED_WORLD_PK_EXT,
NON_TRUSTED_WORLD_PK_EXT,
SCP_FW_CONTENT_CERT_PK_EXT,

16
tools/cert_create/src/dualroot/cot.c
View File

@ -30,9 +30,10 @@ static cert_t cot_certs[] = {
TRUSTED_FW_NVCOUNTER_EXT,
TRUSTED_BOOT_FW_HASH_EXT,
TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
HW_CONFIG_HASH_EXT
HW_CONFIG_HASH_EXT,
FW_CONFIG_HASH_EXT
},
.num_ext = 4
.num_ext = 5
},
[TRUSTED_KEY_CERT] = {
@ -239,6 +240,17 @@ static ext_t cot_ext[] = {
.optional = 1
},
[FW_CONFIG_HASH_EXT] = {
.oid = FW_CONFIG_HASH_OID,
.opt = "fw-config",
.help_msg = "Firmware Config file",
.sn = "FirmwareConfigHash",
.ln = "Firmware Config hash",
.asn1_type = V_ASN1_OCTET_STRING,
.type = EXT_TYPE_HASH,
.optional = 1
},
[TRUSTED_WORLD_PK_EXT] = {
.oid = TRUSTED_WORLD_PK_OID,
.sn = "TrustedWorldPublicKey",

7
tools/cert_create/src/tbbr/tbb_cert.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -28,9 +28,10 @@ static cert_t tbb_certs[] = {
TRUSTED_FW_NVCOUNTER_EXT,
TRUSTED_BOOT_FW_HASH_EXT,
TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
HW_CONFIG_HASH_EXT
HW_CONFIG_HASH_EXT,
FW_CONFIG_HASH_EXT
},
.num_ext = 4
.num_ext = 5
},
[TRUSTED_KEY_CERT] = {
.id = TRUSTED_KEY_CERT,

12
tools/cert_create/src/tbbr/tbb_ext.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -69,6 +69,16 @@ static ext_t tbb_ext[] = {
.type = EXT_TYPE_HASH,
.optional = 1
},
[FW_CONFIG_HASH_EXT] = {
.oid = FW_CONFIG_HASH_OID,
.opt = "fw-config",
.help_msg = "Firmware Config file",
.sn = "FirmwareConfigHash",
.ln = "Firmware Config hash",
.asn1_type = V_ASN1_OCTET_STRING,
.type = EXT_TYPE_HASH,
.optional = 1
},
[TRUSTED_WORLD_PK_EXT] = {
.oid = TRUSTED_WORLD_PK_OID,
.sn = "TrustedWorldPublicKey",