1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
/*
* Copyright (c) 2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef DUALROOT_COT_H
#define DUALROOT_COT_H
/* Certificates. */
enum {
/* Certificates owned by the silicon provider. */
TRUSTED_BOOT_FW_CERT,
TRUSTED_KEY_CERT,
SCP_FW_KEY_CERT,
SCP_FW_CONTENT_CERT,
SOC_FW_KEY_CERT,
SOC_FW_CONTENT_CERT,
TRUSTED_OS_FW_KEY_CERT,
TRUSTED_OS_FW_CONTENT_CERT,
SIP_SECURE_PARTITION_CONTENT_CERT,
FWU_CERT,
/* Certificates owned by the platform owner. */
NON_TRUSTED_FW_CONTENT_CERT,
PLAT_SECURE_PARTITION_CONTENT_CERT,
};
/* Certificate extensions. */
enum {
/* Extensions used in certificates owned by the silicon provider. */
TRUSTED_FW_NVCOUNTER_EXT,
TRUSTED_BOOT_FW_HASH_EXT,
TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
HW_CONFIG_HASH_EXT,
FW_CONFIG_HASH_EXT,
TRUSTED_WORLD_PK_EXT,
SCP_FW_CONTENT_CERT_PK_EXT,
SCP_FW_HASH_EXT,
SOC_FW_CONTENT_CERT_PK_EXT,
SOC_AP_FW_HASH_EXT,
SOC_FW_CONFIG_HASH_EXT,
TRUSTED_OS_FW_CONTENT_CERT_PK_EXT,
TRUSTED_OS_FW_HASH_EXT,
TRUSTED_OS_FW_EXTRA1_HASH_EXT,
TRUSTED_OS_FW_EXTRA2_HASH_EXT,
TRUSTED_OS_FW_CONFIG_HASH_EXT,
SP_PKG1_HASH_EXT,
SP_PKG2_HASH_EXT,
SP_PKG3_HASH_EXT,
SP_PKG4_HASH_EXT,
SP_PKG5_HASH_EXT,
SP_PKG6_HASH_EXT,
SP_PKG7_HASH_EXT,
SP_PKG8_HASH_EXT,
SCP_FWU_CFG_HASH_EXT,
AP_FWU_CFG_HASH_EXT,
FWU_HASH_EXT,
/* Extensions used in certificates owned by the platform owner. */
PROT_PK_EXT,
NON_TRUSTED_FW_NVCOUNTER_EXT,
NON_TRUSTED_FW_CONTENT_CERT_PK_EXT,
NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT,
NON_TRUSTED_FW_CONFIG_HASH_EXT,
};
/* Keys. */
enum {
/* Keys owned by the silicon provider. */
ROT_KEY,
TRUSTED_WORLD_KEY,
SCP_FW_CONTENT_CERT_KEY,
SOC_FW_CONTENT_CERT_KEY,
TRUSTED_OS_FW_CONTENT_CERT_KEY,
/* Keys owned by the platform owner. */
PROT_KEY,
};
#endif /* DUALROOT_COT_H */
|
