summaryrefslogtreecommitdiffstats
path: root/include/tools_share/tbbr_oid.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/tools_share/tbbr_oid.h')
-rw-r--r--include/tools_share/tbbr_oid.h176
1 files changed, 176 insertions, 0 deletions
diff --git a/include/tools_share/tbbr_oid.h b/include/tools_share/tbbr_oid.h
new file mode 100644
index 0000000..9881d1a
--- /dev/null
+++ b/include/tools_share/tbbr_oid.h
@@ -0,0 +1,176 @@
+/*
+ * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef TBBR_OID_H
+#define TBBR_OID_H
+
+#include "zero_oid.h"
+
+#define MAX_OID_NAME_LEN 30
+
+/*
+ * The following is a list of OID values defined and reserved by ARM, which
+ * are used to define the extension fields of the certificate structure, as
+ * defined in the Trusted Board Boot Requirements (TBBR) specification,
+ * ARM DEN0006C-1.
+ */
+
+
+/* TrustedFirmwareNVCounter - Non-volatile counter extension */
+#define TRUSTED_FW_NVCOUNTER_OID "1.3.6.1.4.1.4128.2100.1"
+/* NonTrustedFirmwareNVCounter - Non-volatile counter extension */
+#define NON_TRUSTED_FW_NVCOUNTER_OID "1.3.6.1.4.1.4128.2100.2"
+
+
+/*
+ * Non-Trusted Firmware Updater Certificate
+ */
+
+/* APFirmwareUpdaterConfigHash - BL2U */
+#define AP_FWU_CFG_HASH_OID "1.3.6.1.4.1.4128.2100.101"
+/* SCPFirmwareUpdaterConfigHash - SCP_BL2U */
+#define SCP_FWU_CFG_HASH_OID "1.3.6.1.4.1.4128.2100.102"
+/* FirmwareUpdaterHash - NS_BL2U */
+#define FWU_HASH_OID "1.3.6.1.4.1.4128.2100.103"
+/* TrustedWatchdogRefreshTime */
+#define TRUSTED_WATCHDOG_TIME_OID "1.3.6.1.4.1.4128.2100.104"
+
+
+/*
+ * Trusted Boot Firmware Certificate
+ */
+
+/* TrustedBootFirmwareHash - BL2 */
+#define TRUSTED_BOOT_FW_HASH_OID "1.3.6.1.4.1.4128.2100.201"
+#define TRUSTED_BOOT_FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.202"
+#define HW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.203"
+#define FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.204"
+
+/*
+ * Trusted Key Certificate
+ */
+
+/* PrimaryDebugCertificatePK */
+#define PRIMARY_DEBUG_PK_OID "1.3.6.1.4.1.4128.2100.301"
+/* TrustedWorldPK */
+#define TRUSTED_WORLD_PK_OID "1.3.6.1.4.1.4128.2100.302"
+/* NonTrustedWorldPK */
+#define NON_TRUSTED_WORLD_PK_OID "1.3.6.1.4.1.4128.2100.303"
+
+
+/*
+ * Trusted Debug Certificate
+ */
+
+/* DebugScenario */
+#define TRUSTED_DEBUG_SCENARIO_OID "1.3.6.1.4.1.4128.2100.401"
+/* SoC Specific */
+#define TRUSTED_DEBUG_SOC_SPEC_OID "1.3.6.1.4.1.4128.2100.402"
+/* SecondaryDebugCertPK */
+#define SECONDARY_DEBUG_PK_OID "1.3.6.1.4.1.4128.2100.403"
+
+
+/*
+ * SoC Firmware Key Certificate
+ */
+
+/* SoCFirmwareContentCertPK */
+#define SOC_FW_CONTENT_CERT_PK_OID "1.3.6.1.4.1.4128.2100.501"
+
+/*
+ * SoC Firmware Content Certificate
+ */
+
+/* APRomPatchHash - BL1_PATCH */
+#define APROM_PATCH_HASH_OID "1.3.6.1.4.1.4128.2100.601"
+/* SoCConfigHash */
+#define SOC_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.602"
+/* SoCAPFirmwareHash - BL31 */
+#define SOC_AP_FW_HASH_OID "1.3.6.1.4.1.4128.2100.603"
+/* SoCFirmwareConfigHash = SOC_FW_CONFIG */
+#define SOC_FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.604"
+
+/*
+ * SCP Firmware Key Certificate
+ */
+
+/* SCPFirmwareContentCertPK */
+#define SCP_FW_CONTENT_CERT_PK_OID "1.3.6.1.4.1.4128.2100.701"
+
+
+/*
+ * SCP Firmware Content Certificate
+ */
+
+/* SCPFirmwareHash - SCP_BL2 */
+#define SCP_FW_HASH_OID "1.3.6.1.4.1.4128.2100.801"
+/* SCPRomPatchHash - SCP_BL1_PATCH */
+#define SCP_ROM_PATCH_HASH_OID "1.3.6.1.4.1.4128.2100.802"
+
+
+/*
+ * Trusted OS Firmware Key Certificate
+ */
+
+/* TrustedOSFirmwareContentCertPK */
+#define TRUSTED_OS_FW_CONTENT_CERT_PK_OID "1.3.6.1.4.1.4128.2100.901"
+
+
+/*
+ * Trusted OS Firmware Content Certificate
+ */
+
+/* TrustedOSFirmwareHash - BL32 */
+#define TRUSTED_OS_FW_HASH_OID "1.3.6.1.4.1.4128.2100.1001"
+/* TrustedOSExtra1FirmwareHash - BL32 Extra1 */
+#define TRUSTED_OS_FW_EXTRA1_HASH_OID "1.3.6.1.4.1.4128.2100.1002"
+/* TrustedOSExtra2FirmwareHash - BL32 Extra2 */
+#define TRUSTED_OS_FW_EXTRA2_HASH_OID "1.3.6.1.4.1.4128.2100.1003"
+/* TrustedOSFirmwareConfigHash - TOS_FW_CONFIG */
+#define TRUSTED_OS_FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.1004"
+
+
+/*
+ * Non-Trusted Firmware Key Certificate
+ */
+
+/* NonTrustedFirmwareContentCertPK */
+#define NON_TRUSTED_FW_CONTENT_CERT_PK_OID "1.3.6.1.4.1.4128.2100.1101"
+
+
+/*
+ * Non-Trusted Firmware Content Certificate
+ */
+
+/* NonTrustedWorldBootloaderHash - BL33 */
+#define NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID "1.3.6.1.4.1.4128.2100.1201"
+/* NonTrustedFirmwareConfigHash - NT_FW_CONFIG */
+#define NON_TRUSTED_FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.1202"
+
+/*
+ * Secure Partitions Content Certificate
+ */
+#define SP_PKG1_HASH_OID "1.3.6.1.4.1.4128.2100.1301"
+#define SP_PKG2_HASH_OID "1.3.6.1.4.1.4128.2100.1302"
+#define SP_PKG3_HASH_OID "1.3.6.1.4.1.4128.2100.1303"
+#define SP_PKG4_HASH_OID "1.3.6.1.4.1.4128.2100.1304"
+#define SP_PKG5_HASH_OID "1.3.6.1.4.1.4128.2100.1305"
+#define SP_PKG6_HASH_OID "1.3.6.1.4.1.4128.2100.1306"
+#define SP_PKG7_HASH_OID "1.3.6.1.4.1.4128.2100.1307"
+#define SP_PKG8_HASH_OID "1.3.6.1.4.1.4128.2100.1308"
+
+/*
+ * Public Keys present in SOC FW content certificates authenticate BL31 and
+ * its configuration.
+ */
+#define BL31_IMAGE_KEY_OID SOC_FW_CONTENT_CERT_PK_OID
+#define SOC_FW_CONFIG_KEY_OID SOC_FW_CONTENT_CERT_PK_OID
+#define HW_CONFIG_KEY_OID ZERO_OID
+
+#ifdef PLAT_DEF_OID
+#include <platform_oid.h>
+#endif
+#endif /* TBBR_OID_H */