diff options
Diffstat (limited to 'tools/cert_create/src/tbbr/tbb_cert.c')
-rw-r--r-- | tools/cert_create/src/tbbr/tbb_cert.c | 156 |
1 files changed, 156 insertions, 0 deletions
diff --git a/tools/cert_create/src/tbbr/tbb_cert.c b/tools/cert_create/src/tbbr/tbb_cert.c new file mode 100644 index 00000000..d0ae8367 --- /dev/null +++ b/tools/cert_create/src/tbbr/tbb_cert.c @@ -0,0 +1,156 @@ +/* + * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of ARM nor the names of its contributors may be used + * to endorse or promote products derived from this software without specific + * prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include "tbbr/tbb_cert.h" +#include "tbbr/tbb_ext.h" +#include "tbbr/tbb_key.h" + +/* + * Certificates used in the chain of trust + * + * The order of the certificates must follow the enumeration specified in + * tbb_cert.h. All certificates are self-signed, so the issuer certificate + * field points to itself. + */ +static cert_t tbb_certs[] = { + [BL2_CERT] = { + .id = BL2_CERT, + .fn = NULL, + .cn = "BL2 Certificate", + .key = ROT_KEY, + .issuer = BL2_CERT, + .ext = { + BL2_HASH_EXT + }, + .num_ext = 1 + }, + [TRUSTED_KEY_CERT] = { + .id = TRUSTED_KEY_CERT, + .fn = NULL, + .cn = "Trusted Key Certificate", + .key = ROT_KEY, + .issuer = TRUSTED_KEY_CERT, + .ext = { + TZ_WORLD_PK_EXT, + NTZ_WORLD_PK_EXT + }, + .num_ext = 2 + }, + [BL30_KEY_CERT] = { + .id = BL30_KEY_CERT, + .fn = NULL, + .cn = "BL3-0 Key Certificate", + .key = TRUSTED_WORLD_KEY, + .issuer = BL30_KEY_CERT, + .ext = { + BL30_CONTENT_CERT_PK_EXT + }, + .num_ext = 1 + }, + [BL30_CERT] = { + .id = BL30_CERT, + .fn = NULL, + .cn = "BL3-0 Content Certificate", + .key = BL30_KEY, + .issuer = BL30_CERT, + .ext = { + BL30_HASH_EXT + }, + .num_ext = 1 + }, + [BL31_KEY_CERT] = { + .id = BL31_KEY_CERT, + .fn = NULL, + .cn = "BL3-1 Key Certificate", + .key = TRUSTED_WORLD_KEY, + .issuer = BL31_KEY_CERT, + .ext = { + BL31_CONTENT_CERT_PK_EXT + }, + .num_ext = 1 + }, + [BL31_CERT] = { + .id = BL31_CERT, + .fn = NULL, + .cn = "BL3-1 Content Certificate", + .key = BL31_KEY, + .issuer = BL31_CERT, + .ext = { + BL31_HASH_EXT + }, + .num_ext = 1 + }, + [BL32_KEY_CERT] = { + .id = BL32_KEY_CERT, + .fn = NULL, + .cn = "BL3-2 Key Certificate", + .key = TRUSTED_WORLD_KEY, + .issuer = BL32_KEY_CERT, + .ext = { + BL32_CONTENT_CERT_PK_EXT + }, + .num_ext = 1 + }, + [BL32_CERT] = { + .id = BL32_CERT, + .fn = NULL, + .cn = "BL3-2 Content Certificate", + .key = BL32_KEY, + .issuer = BL32_CERT, + .ext = { + BL32_HASH_EXT + }, + .num_ext = 1 + }, + [BL33_KEY_CERT] = { + .id = BL33_KEY_CERT, + .fn = NULL, + .cn = "BL3-3 Key Certificate", + .key = NON_TRUSTED_WORLD_KEY, + .issuer = BL33_KEY_CERT, + .ext = { + BL33_CONTENT_CERT_PK_EXT + }, + .num_ext = 1 + }, + [BL33_CERT] = { + .id = BL33_CERT, + .fn = NULL, + .cn = "BL3-3 Content Certificate", + .key = BL33_KEY, + .issuer = BL33_CERT, + .ext = { + BL33_HASH_EXT + }, + .num_ext = 1 + } +}; + +REGISTER_COT(tbb_certs); |