1 files changed, 156 insertions, 0 deletions

diff --git a/tools/cert_create/src/tbbr/tbb_cert.c b/tools/cert_create/src/tbbr/tbb_cert.c
new file mode 100644
index 00000000..d0ae8367
--- /dev/null
+++ b/tools/cert_create/src/tbbr/tbb_cert.c
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * Neither the name of ARM nor the names of its contributors may be used
+ * to endorse or promote products derived from this software without specific
+ * prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "tbbr/tbb_cert.h"
+#include "tbbr/tbb_ext.h"
+#include "tbbr/tbb_key.h"
+
+/*
+ * Certificates used in the chain of trust
+ *
+ * The order of the certificates must follow the enumeration specified in
+ * tbb_cert.h. All certificates are self-signed, so the issuer certificate
+ * field points to itself.
+ */
+static cert_t tbb_certs[] = {
+	[BL2_CERT] = {
+		.id = BL2_CERT,
+		.fn = NULL,
+		.cn = "BL2 Certificate",
+		.key = ROT_KEY,
+		.issuer = BL2_CERT,
+		.ext = {
+			BL2_HASH_EXT
+		},
+		.num_ext = 1
+	},
+	[TRUSTED_KEY_CERT] = {
+		.id = TRUSTED_KEY_CERT,
+		.fn = NULL,
+		.cn = "Trusted Key Certificate",
+		.key = ROT_KEY,
+		.issuer = TRUSTED_KEY_CERT,
+		.ext = {
+			TZ_WORLD_PK_EXT,
+			NTZ_WORLD_PK_EXT
+		},
+		.num_ext = 2
+	},
+	[BL30_KEY_CERT] = {
+		.id = BL30_KEY_CERT,
+		.fn = NULL,
+		.cn = "BL3-0 Key Certificate",
+		.key = TRUSTED_WORLD_KEY,
+		.issuer = BL30_KEY_CERT,
+		.ext = {
+			BL30_CONTENT_CERT_PK_EXT
+		},
+		.num_ext = 1
+	},
+	[BL30_CERT] = {
+		.id = BL30_CERT,
+		.fn = NULL,
+		.cn = "BL3-0 Content Certificate",
+		.key = BL30_KEY,
+		.issuer = BL30_CERT,
+		.ext = {
+			BL30_HASH_EXT
+		},
+		.num_ext = 1
+	},
+	[BL31_KEY_CERT] = {
+		.id = BL31_KEY_CERT,
+		.fn = NULL,
+		.cn = "BL3-1 Key Certificate",
+		.key = TRUSTED_WORLD_KEY,
+		.issuer = BL31_KEY_CERT,
+		.ext = {
+			BL31_CONTENT_CERT_PK_EXT
+		},
+		.num_ext = 1
+	},
+	[BL31_CERT] = {
+		.id = BL31_CERT,
+		.fn = NULL,
+		.cn = "BL3-1 Content Certificate",
+		.key = BL31_KEY,
+		.issuer = BL31_CERT,
+		.ext = {
+			BL31_HASH_EXT
+		},
+		.num_ext = 1
+	},
+	[BL32_KEY_CERT] = {
+		.id = BL32_KEY_CERT,
+		.fn = NULL,
+		.cn = "BL3-2 Key Certificate",
+		.key = TRUSTED_WORLD_KEY,
+		.issuer = BL32_KEY_CERT,
+		.ext = {
+			BL32_CONTENT_CERT_PK_EXT
+		},
+		.num_ext = 1
+	},
+	[BL32_CERT] = {
+		.id = BL32_CERT,
+		.fn = NULL,
+		.cn = "BL3-2 Content Certificate",
+		.key = BL32_KEY,
+		.issuer = BL32_CERT,
+		.ext = {
+			BL32_HASH_EXT
+		},
+		.num_ext = 1
+	},
+	[BL33_KEY_CERT] = {
+		.id = BL33_KEY_CERT,
+		.fn = NULL,
+		.cn = "BL3-3 Key Certificate",
+		.key = NON_TRUSTED_WORLD_KEY,
+		.issuer = BL33_KEY_CERT,
+		.ext = {
+			BL33_CONTENT_CERT_PK_EXT
+		},
+		.num_ext = 1
+	},
+	[BL33_CERT] = {
+		.id = BL33_CERT,
+		.fn = NULL,
+		.cn = "BL3-3 Content Certificate",
+		.key = BL33_KEY,
+		.issuer = BL33_CERT,
+		.ext = {
+			BL33_HASH_EXT
+		},
+		.num_ext = 1
+	}
+};
+
+REGISTER_COT(tbb_certs);