diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 17:43:51 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 17:43:51 +0000 |
commit | be58c81aff4cd4c0ccf43dbd7998da4a6a08c03b (patch) | |
tree | 779c248fb61c83f65d1f0dc867f2053d76b4e03a /tools/nxp/cert_create_helper/src | |
parent | Initial commit. (diff) | |
download | arm-trusted-firmware-be58c81aff4cd4c0ccf43dbd7998da4a6a08c03b.tar.xz arm-trusted-firmware-be58c81aff4cd4c0ccf43dbd7998da4a6a08c03b.zip |
Adding upstream version 2.10.0+dfsg.upstream/2.10.0+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'tools/nxp/cert_create_helper/src')
-rw-r--r-- | tools/nxp/cert_create_helper/src/pdef_tbb_cert.c | 62 | ||||
-rw-r--r-- | tools/nxp/cert_create_helper/src/pdef_tbb_ext.c | 108 | ||||
-rw-r--r-- | tools/nxp/cert_create_helper/src/pdef_tbb_key.c | 18 |
3 files changed, 188 insertions, 0 deletions
diff --git a/tools/nxp/cert_create_helper/src/pdef_tbb_cert.c b/tools/nxp/cert_create_helper/src/pdef_tbb_cert.c new file mode 100644 index 0000000..40bd928 --- /dev/null +++ b/tools/nxp/cert_create_helper/src/pdef_tbb_cert.c @@ -0,0 +1,62 @@ +/* + * Copyright 2021 NXP + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <pdef_tbb_cert.h> +#include <pdef_tbb_ext.h> +#include <pdef_tbb_key.h> + +static cert_t pdef_tbb_certs[] = { + [DDR_FW_KEY_CERT - DDR_FW_KEY_CERT] = { + .id = DDR_FW_KEY_CERT, + .opt = "ddr-fw-key-cert", + .help_msg = "DDR Firmware Key Certificate (output file)", + .fn = NULL, + .cn = "DDR Firmware Key Certificate", + .key = TRUSTED_WORLD_KEY, + .issuer = DDR_FW_KEY_CERT, + .ext = { + TRUSTED_FW_NVCOUNTER_EXT, + DDR_FW_CONTENT_CERT_PK_EXT, + }, + .num_ext = 2 + }, + [DDR_UDIMM_FW_CONTENT_CERT - DDR_FW_KEY_CERT] = { + .id = DDR_UDIMM_FW_CONTENT_CERT, + .opt = "ddr-udimm-fw-cert", + .help_msg = "DDR UDIMM Firmware Content Certificate (output file)", + .fn = NULL, + .cn = "DDR UDIMM Firmware Content Certificate", + .key = DDR_FW_CONTENT_KEY, + .issuer = DDR_UDIMM_FW_CONTENT_CERT, + .ext = { + TRUSTED_FW_NVCOUNTER_EXT, + DDR_IMEM_UDIMM_1D_HASH_EXT, + DDR_IMEM_UDIMM_2D_HASH_EXT, + DDR_DMEM_UDIMM_1D_HASH_EXT, + DDR_DMEM_UDIMM_2D_HASH_EXT, + }, + .num_ext = 5 + }, + [DDR_RDIMM_FW_CONTENT_CERT - DDR_FW_KEY_CERT] = { + .id = DDR_RDIMM_FW_CONTENT_CERT, + .opt = "ddr-rdimm-fw-cert", + .help_msg = "DDR RDIMM Firmware Content Certificate (output file)", + .fn = NULL, + .cn = "DDR RDIMM Firmware Content Certificate", + .key = DDR_FW_CONTENT_KEY, + .issuer = DDR_RDIMM_FW_CONTENT_CERT, + .ext = { + TRUSTED_FW_NVCOUNTER_EXT, + DDR_IMEM_RDIMM_1D_HASH_EXT, + DDR_IMEM_RDIMM_2D_HASH_EXT, + DDR_DMEM_RDIMM_1D_HASH_EXT, + DDR_DMEM_RDIMM_2D_HASH_EXT, + }, + .num_ext = 5 + } +}; + +PLAT_REGISTER_COT(pdef_tbb_certs); diff --git a/tools/nxp/cert_create_helper/src/pdef_tbb_ext.c b/tools/nxp/cert_create_helper/src/pdef_tbb_ext.c new file mode 100644 index 0000000..f6da6dd --- /dev/null +++ b/tools/nxp/cert_create_helper/src/pdef_tbb_ext.c @@ -0,0 +1,108 @@ +/* + * Copyright 2021 NXP + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <stdio.h> +#include <string.h> +#include <openssl/err.h> +#include <openssl/x509v3.h> + +#if USE_TBBR_DEFS +#include <tbbr_oid.h> +#else +#include <platform_oid.h> +#endif + +#include "ext.h" +#include "tbbr/tbb_ext.h" +#include "tbbr/tbb_key.h" + +#include <pdef_tbb_ext.h> +#include <pdef_tbb_key.h> + +static ext_t pdef_tbb_ext[] = { + [DDR_FW_CONTENT_CERT_PK_EXT - DDR_FW_CONTENT_CERT_PK_EXT] = { + .oid = DDR_FW_CONTENT_CERT_PK_OID, + .sn = "DDR FirmwareContentCertPK", + .ln = "DDR Firmware content certificate public key", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_PKEY, + .attr.key = DDR_FW_CONTENT_KEY + }, + [DDR_IMEM_UDIMM_1D_HASH_EXT - DDR_FW_CONTENT_CERT_PK_EXT] = { + .oid = DDR_IMEM_UDIMM_1D_HASH_OID, + .opt = "ddr-immem-udimm-1d", + .help_msg = "DDR Firmware IMEM UDIMM 1D image file", + .sn = "DDR UDIMM IMEM 1D FirmwareHash", + .ln = "DDR UDIMM IMEM 1D Firmware hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH + }, + [DDR_IMEM_UDIMM_2D_HASH_EXT - DDR_FW_CONTENT_CERT_PK_EXT] = { + .oid = DDR_IMEM_UDIMM_2D_HASH_OID, + .opt = "ddr-immem-udimm-2d", + .help_msg = "DDR Firmware IMEM UDIMM 2D image file", + .sn = "DDR UDIMM IMEM 2D FirmwareHash", + .ln = "DDR UDIMM IMEM 2D Firmware hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH + }, + [DDR_DMEM_UDIMM_1D_HASH_EXT - DDR_FW_CONTENT_CERT_PK_EXT] = { + .oid = DDR_DMEM_UDIMM_1D_HASH_OID, + .opt = "ddr-dmmem-udimm-1d", + .help_msg = "DDR Firmware DMEM UDIMM 1D image file", + .sn = "DDR UDIMM DMEM 1D FirmwareHash", + .ln = "DDR UDIMM DMEM 1D Firmware hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH + }, + [DDR_DMEM_UDIMM_2D_HASH_EXT - DDR_FW_CONTENT_CERT_PK_EXT] = { + .oid = DDR_DMEM_UDIMM_2D_HASH_OID, + .opt = "ddr-dmmem-udimm-2d", + .help_msg = "DDR Firmware DMEM UDIMM 2D image file", + .sn = "DDR UDIMM DMEM 2D FirmwareHash", + .ln = "DDR UDIMM DMEM 2D Firmware hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH + }, + [DDR_IMEM_RDIMM_1D_HASH_EXT - DDR_FW_CONTENT_CERT_PK_EXT] = { + .oid = DDR_IMEM_RDIMM_1D_HASH_OID, + .opt = "ddr-immem-rdimm-1d", + .help_msg = "DDR Firmware IMEM RDIMM 1D image file", + .sn = "DDR RDIMM IMEM 1D FirmwareHash", + .ln = "DDR RDIMM IMEM 1D Firmware hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH + }, + [DDR_IMEM_RDIMM_2D_HASH_EXT - DDR_FW_CONTENT_CERT_PK_EXT] = { + .oid = DDR_IMEM_RDIMM_2D_HASH_OID, + .opt = "ddr-immem-rdimm-2d", + .help_msg = "DDR Firmware IMEM RDIMM 2D image file", + .sn = "DDR RDIMM IMEM 2D FirmwareHash", + .ln = "DDR RDIMM IMEM 2D Firmware hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH + }, + [DDR_DMEM_RDIMM_1D_HASH_EXT - DDR_FW_CONTENT_CERT_PK_EXT] = { + .oid = DDR_DMEM_RDIMM_1D_HASH_OID, + .opt = "ddr-dmmem-rdimm-1d", + .help_msg = "DDR Firmware DMEM RDIMM 1D image file", + .sn = "DDR RDIMM DMEM 1D FirmwareHash", + .ln = "DDR RDIMM DMEM 1D Firmware hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH + }, + [DDR_DMEM_RDIMM_2D_HASH_EXT - DDR_FW_CONTENT_CERT_PK_EXT] = { + .oid = DDR_DMEM_RDIMM_2D_HASH_OID, + .opt = "ddr-dmmem-rdimm-2d", + .help_msg = "DDR Firmware DMEM RDIMM 2D image file", + .sn = "DDR RDIMM DMEM 2D FirmwareHash", + .ln = "DDR RDIMM DMEM 2D Firmware hash (SHA256)", + .asn1_type = V_ASN1_OCTET_STRING, + .type = EXT_TYPE_HASH + } +}; + +PLAT_REGISTER_EXTENSIONS(pdef_tbb_ext); diff --git a/tools/nxp/cert_create_helper/src/pdef_tbb_key.c b/tools/nxp/cert_create_helper/src/pdef_tbb_key.c new file mode 100644 index 0000000..cf2ebda --- /dev/null +++ b/tools/nxp/cert_create_helper/src/pdef_tbb_key.c @@ -0,0 +1,18 @@ +/* + * Copyright 2021 NXP + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include <pdef_tbb_key.h> + +static key_t pdef_tbb_keys[] = { + [DDR_FW_CONTENT_KEY - DDR_FW_CONTENT_KEY] = { + .id = DDR_FW_CONTENT_KEY, + .opt = "ddr-fw-key", + .help_msg = "DDR Firmware Content Certificate key (input/output file)", + .desc = "DDR Firmware Content Certificate key" + } +}; + +PLAT_REGISTER_KEYS(pdef_tbb_keys); |