
feat(auth): add explicit entries for key OIDs

Explicit entries have been added for the OIDs of the keys that authenticate
the BL31, BL31 (SoC) FW config, and HW config images.
Signer-ID implementations consume these entries.

Change-Id: I24c9085ed5f266af06d40fb73302e35d857a9d5b
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
pull/2000/head
Manish V Badarkhe 1 year ago
parent
commit
0cffcdd617
  1. 14
      include/tools_share/cca_oid.h
  2. 1
      include/tools_share/dualroot_oid.h
  3. 12
      include/tools_share/tbbr_oid.h

14
include/tools_share/cca_oid.h

@ -9,7 +9,6 @@
/* Reuse the Object IDs defined by TBBR for certificate extensions. */
#include "tbbr_oid.h"
#include "zero_oid.h"
/*
* Assign arbitrary Object ID values that do not conflict with any of the
@ -29,4 +28,17 @@
/* CCAFirmwareNVCounter - Non-volatile counter extension */
#define CCA_FW_NVCOUNTER_OID "1.3.6.1.4.1.4128.2100.3"
/*
* First undef previous definitions from tbbr_oid.h.
* CCA ROTPK authenticates BL31 and its configuration image in
* CCA CoT.
**/
#undef BL31_IMAGE_KEY_OID
#undef SOC_FW_CONFIG_KEY_OID
#undef HW_CONFIG_KEY_OID
#define BL31_IMAGE_KEY_OID ZERO_OID
#define SOC_FW_CONFIG_KEY_OID ZERO_OID
#define HW_CONFIG_KEY_OID ZERO_OID
#define RMM_IMAGE_KEY_OID ZERO_OID
#endif /* CCA_OID_H */
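Review bot: The comment above the `#undef` block names only BL31 and its configuration image, yet the block also sets `HW_CONFIG_KEY_OID` and adds `RMM_IMAGE_KEY_OID`, and it never says what `ZERO_OID` means when used as a key OID. From the comment it appears to mean "signed directly by the CCA ROTPK, no key extension to look up", but zero_oid.h is not shown on this page, so that should be confirmed and written down; a signer-ID implementation that treats it as "no signer" would record the wrong identity. Suggested wording, extended to list all four images: `/* ZERO_OID as a key OID: the image is signed by the CCA ROTPK itself; there is no key extension to look up. */`. The same gap applies to `HW_CONFIG_KEY_OID` in tbbr_oid.h, whose comment also mentions only BL31 and its configuration. The comment terminator `**/` should be a plain ` */`.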

1
include/tools_share/dualroot_oid.h

@ -9,7 +9,6 @@
/* Reuse the Object IDs defined by TBBR for certificate extensions. */
#include "tbbr_oid.h"
#include "zero_oid.h"
/*
* Platform root-of-trust public key.

12
include/tools_share/tbbr_oid.h

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
* Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@ -7,6 +7,8 @@
#ifndef TBBR_OID_H
#define TBBR_OID_H
#include "zero_oid.h"
#define MAX_OID_NAME_LEN 30
/*
@ -160,6 +162,14 @@
#define SP_PKG7_HASH_OID "1.3.6.1.4.1.4128.2100.1307"
#define SP_PKG8_HASH_OID "1.3.6.1.4.1.4128.2100.1308"
/*
* Public Keys present in SOC FW content certificates authenticate BL31 and
* its configuration.
*/
#define BL31_IMAGE_KEY_OID SOC_FW_CONTENT_CERT_PK_OID
#define SOC_FW_CONFIG_KEY_OID SOC_FW_CONTENT_CERT_PK_OID
#define HW_CONFIG_KEY_OID ZERO_OID
#ifdef PLAT_DEF_OID
#include <platform_oid.h>
#endif
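Review bot: `BL31_IMAGE_KEY_OID`, `SOC_FW_CONFIG_KEY_OID` and `HW_CONFIG_KEY_OID` are defined unconditionally here, so every other chain-of-trust header that includes tbbr_oid.h inherits the TBBR signer unless it remembers to `#undef` and redefine them, as cca_oid.h does in this commit. Since the commit message says signer-ID implementations consume these entries, a header that silently inherits an unsuitable value would produce a wrong signer identity rather than a build error. I would state the contract next to the defines, e.g. `/* Defaults for the TBBR CoT; a CoT that signs these images with another key must #undef and redefine them. */`. Whether platform_oid.h, included just below under `PLAT_DEF_OID`, is expected to override them is not visible from this section.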
