From ccbfd01d95b9b35acb3e2ca5f25379ce8fa0ed1c Mon Sep 17 00:00:00 2001 From: Manish V Badarkhe Date: Fri, 19 Jul 2024 08:31:51 +0100 Subject: [PATCH] fix(tools): update the fiptool and certtool to fix POSIX build This patch fixes below issue raised: https://github.com/TrustedFirmware-A/trusted-firmware-a/issues/8 https://github.com/TrustedFirmware-A/trusted-firmware-a/issues/9 https://github.com/TrustedFirmware-A/trusted-firmware-a/issues/10 Change-Id: I521bf7410535ffe49198789ba183cc401b3b88a0 Signed-off-by: Manish V Badarkhe --- changelog.yaml | 1 + tools/cert_create/include/key.h | 24 ++++++------ tools/cert_create/src/cca/cot.c | 4 +- tools/cert_create/src/dualroot/cot.c | 4 +- tools/cert_create/src/key.c | 38 +++++++++---------- tools/cert_create/src/main.c | 16 ++------ tools/cert_create/src/tbbr/tbb_key.c | 4 +- tools/fiptool/fiptool.c | 5 ++- .../nxp/cert_create_helper/src/pdef_tbb_key.c | 2 +- 9 files changed, 46 insertions(+), 52 deletions(-) diff --git a/changelog.yaml b/changelog.yaml index dbbff992e..d073a8427 100644 --- a/changelog.yaml +++ b/changelog.yaml @@ -1405,6 +1405,7 @@ subsections: - git-hooks - title: Tools + scope: tools subsections: - title: STM32 Image diff --git a/tools/cert_create/include/key.h b/tools/cert_create/include/key.h index e0ecdaed2..f7adfab2b 100644 --- a/tools/cert_create/include/key.h +++ b/tools/cert_create/include/key.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ 
@@ -65,35 +65,35 @@ typedef struct key_s { const char *desc; /* Key description (debug purposes) */ char *fn; /* Filename to load/store the key */ EVP_PKEY *key; /* Key container */ -} key_t; +} cert_key_t; /* Exported API */ int key_init(void); -key_t *key_get_by_opt(const char *opt); +cert_key_t *key_get_by_opt(const char *opt); #if !USING_OPENSSL3 -int key_new(key_t *key); +int key_new(cert_key_t *key); #endif -int key_create(key_t *key, int type, int key_bits); -unsigned int key_load(key_t *key); -int key_store(key_t *key); +int key_create(cert_key_t *key, int type, int key_bits); +unsigned int key_load(cert_key_t *key); +int key_store(cert_key_t *key); void key_cleanup(void); /* Macro to register the keys used in the CoT */ #define REGISTER_KEYS(_keys) \ - key_t *def_keys = &_keys[0]; \ + cert_key_t *def_keys = &_keys[0]; \ const unsigned int num_def_keys = sizeof(_keys)/sizeof(_keys[0]) /* Macro to register the platform defined keys used in the CoT */ #define PLAT_REGISTER_KEYS(_pdef_keys) \ - key_t *pdef_keys = &_pdef_keys[0]; \ + cert_key_t *pdef_keys = &_pdef_keys[0]; \ const unsigned int num_pdef_keys = sizeof(_pdef_keys)/sizeof(_pdef_keys[0]) /* Exported variables */ -extern key_t *def_keys; +extern cert_key_t *def_keys; extern const unsigned int num_def_keys; -extern key_t *pdef_keys; +extern cert_key_t *pdef_keys; extern const unsigned int num_pdef_keys; -extern key_t *keys; +extern cert_key_t *keys; extern unsigned int num_keys; #endif /* KEY_H */ diff --git a/tools/cert_create/src/cca/cot.c b/tools/cert_create/src/cca/cot.c index 372d90876..658b81c29 100644 --- a/tools/cert_create/src/cca/cot.c +++ b/tools/cert_create/src/cca/cot.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2023, Arm Limited. All rights reserved. + * Copyright (c) 2022-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ 
@@ -410,7 +410,7 @@ static ext_t cot_ext[] = { REGISTER_EXTENSIONS(cot_ext); /* Keys used to establish the chain of trust. */ -static key_t cot_keys[] = { +static cert_key_t cot_keys[] = { [ROT_KEY] = { .id = ROT_KEY, .opt = "rot-key", diff --git a/tools/cert_create/src/dualroot/cot.c b/tools/cert_create/src/dualroot/cot.c index 81a7d75dc..d2c15bf93 100644 --- a/tools/cert_create/src/dualroot/cot.c +++ b/tools/cert_create/src/dualroot/cot.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2020, Arm Limited. All rights reserved. + * Copyright (c) 2020-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -536,7 +536,7 @@ REGISTER_EXTENSIONS(cot_ext); /* Keys used to establish the chain of trust. */ -static key_t cot_keys[] = { +static cert_key_t cot_keys[] = { [ROT_KEY] = { .id = ROT_KEY, .opt = "rot-key", diff --git a/tools/cert_create/src/key.c b/tools/cert_create/src/key.c index f6ceedac0..190c0963e 100644 --- a/tools/cert_create/src/key.c +++ b/tools/cert_create/src/key.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -26,14 +26,14 @@ #define MAX_FILENAME_LEN 1024 -key_t *keys; +cert_key_t *keys; unsigned int num_keys; #if !USING_OPENSSL3 /* * Create a new key container */ -int key_new(key_t *key) +int key_new(cert_key_t *key) { /* Create key pair container */ key->key = EVP_PKEY_new(); @@ -45,7 +45,7 @@ int key_new(key_t *key) } #endif -static int key_create_rsa(key_t *key, int key_bits) +static int key_create_rsa(cert_key_t *key, int key_bits) { #if USING_OPENSSL3 EVP_PKEY *rsa = EVP_RSA_gen(key_bits); 
@@ -99,7 +99,7 @@ err2: #ifndef OPENSSL_NO_EC #if USING_OPENSSL3 -static int key_create_ecdsa(key_t *key, int key_bits, const char *curve) +static int key_create_ecdsa(cert_key_t *key, int key_bits, const char *curve) { EVP_PKEY *ec = EVP_EC_gen(curve); if (ec == NULL) { @@ -111,7 +111,7 @@ static int key_create_ecdsa(key_t *key, int key_bits, const char *curve) return 1; } -static int key_create_ecdsa_nist(key_t *key, int key_bits) +static int key_create_ecdsa_nist(cert_key_t *key, int key_bits) { if (key_bits == 384) { return key_create_ecdsa(key, key_bits, "secp384r1"); @@ -121,17 +121,17 @@ static int key_create_ecdsa_nist(key_t *key, int key_bits) } } -static int key_create_ecdsa_brainpool_r(key_t *key, int key_bits) +static int key_create_ecdsa_brainpool_r(cert_key_t *key, int key_bits) { return key_create_ecdsa(key, key_bits, "brainpoolP256r1"); } -static int key_create_ecdsa_brainpool_t(key_t *key, int key_bits) +static int key_create_ecdsa_brainpool_t(cert_key_t *key, int key_bits) { return key_create_ecdsa(key, key_bits, "brainpoolP256t1"); } #else -static int key_create_ecdsa(key_t *key, int key_bits, const int curve_id) +static int key_create_ecdsa(cert_key_t *key, int key_bits, const int curve_id) { EC_KEY *ec; @@ -158,7 +158,7 @@ err: return 0; } -static int key_create_ecdsa_nist(key_t *key, int key_bits) +static int key_create_ecdsa_nist(cert_key_t *key, int key_bits) { if (key_bits == 384) { return key_create_ecdsa(key, key_bits, NID_secp384r1); 
@@ -169,12 +169,12 @@ static int key_create_ecdsa_nist(key_t *key, int key_bits) } #if OPENSSL_VERSION_NUMBER >= 0x10100000L -static int key_create_ecdsa_brainpool_r(key_t *key, int key_bits) +static int key_create_ecdsa_brainpool_r(cert_key_t *key, int key_bits) { return key_create_ecdsa(key, key_bits, NID_brainpoolP256r1); } -static int key_create_ecdsa_brainpool_t(key_t *key, int key_bits) +static int key_create_ecdsa_brainpool_t(cert_key_t *key, int key_bits) { return key_create_ecdsa(key, key_bits, NID_brainpoolP256t1); } @@ -182,7 +182,7 @@ static int key_create_ecdsa_brainpool_t(key_t *key, int key_bits) #endif /* USING_OPENSSL3 */ #endif /* OPENSSL_NO_EC */ -typedef int (*key_create_fn_t)(key_t *key, int key_bits); +typedef int (*key_create_fn_t)(cert_key_t *key, int key_bits); static const key_create_fn_t key_create_fn[KEY_ALG_MAX_NUM] = { [KEY_ALG_RSA] = key_create_rsa, #ifndef OPENSSL_NO_EC @@ -194,7 +194,7 @@ static const key_create_fn_t key_create_fn[KEY_ALG_MAX_NUM] = { #endif /* OPENSSL_NO_EC */ }; -int key_create(key_t *key, int type, int key_bits) +int key_create(cert_key_t *key, int type, int key_bits) { if (type >= KEY_ALG_MAX_NUM) { printf("Invalid key type\n"); @@ -243,7 +243,7 @@ err: } -unsigned int key_load(key_t *key) +unsigned int key_load(cert_key_t *key) { if (key->fn == NULL) { VERBOSE("Key not specified\n"); @@ -273,7 +273,7 @@ unsigned int key_load(key_t *key) return KEY_ERR_NONE; } -int key_store(key_t *key) +int key_store(cert_key_t *key) { FILE *fp; @@ -301,7 +301,7 @@ int key_store(key_t *key) int key_init(void) { cmd_opt_t cmd_opt; - key_t *key; + cert_key_t *key; unsigned int i; keys = malloc((num_def_keys * sizeof(def_keys[0])) @@ -341,9 +341,9 @@ int key_init(void) return 0; } -key_t *key_get_by_opt(const char *opt) +cert_key_t *key_get_by_opt(const char *opt) { - key_t *key; + cert_key_t *key; unsigned int i; /* Sequential search. This is not a performance concern since the number 
diff --git a/tools/cert_create/src/main.c b/tools/cert_create/src/main.c index edc2d683b..aa21206c0 100644 --- a/tools/cert_create/src/main.c +++ b/tools/cert_create/src/main.c @@ -4,6 +4,8 @@ * SPDX-License-Identifier: BSD-3-Clause */ +#define _POSIX_C_SOURCE 200809L + #include #include #include @@ -69,16 +71,6 @@ static int print_cert; static const char build_msg[] = "Built : " __TIME__ ", " __DATE__; static const char platform_msg[] = PLAT_MSG; -static char *strdup(const char *str) -{ - int n = strlen(str) + 1; - char *dup = malloc(n); - if (dup) { - strcpy(dup, str); - } - return dup; -} - static const char *key_algs_str[] = { [KEY_ALG_RSA] = "rsa", #ifndef OPENSSL_NO_EC @@ -178,7 +170,7 @@ static void check_cmd_params(void) { cert_t *cert; ext_t *ext; - key_t *key; + cert_key_t *key; int i, j; bool valid_size; @@ -303,7 +295,7 @@ int main(int argc, char *argv[]) STACK_OF(X509_EXTENSION) * sk; X509_EXTENSION *cert_ext = NULL; ext_t *ext; - key_t *key; + cert_key_t *key; cert_t *cert; FILE *file; int i, j, ext_nid, nvctr; diff --git a/tools/cert_create/src/tbbr/tbb_key.c b/tools/cert_create/src/tbbr/tbb_key.c index 5b84b6e91..3d99067f7 100644 --- a/tools/cert_create/src/tbbr/tbb_key.c +++ b/tools/cert_create/src/tbbr/tbb_key.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -11,7 +11,7 @@ * * The order of the keys must follow the enumeration specified in tbb_key.h */ -static key_t tbb_keys[] = { +static cert_key_t tbb_keys[] = { [ROT_KEY] = { .id = ROT_KEY, .opt = "rot-key", diff --git a/tools/fiptool/fiptool.c b/tools/fiptool/fiptool.c index 6c566ef00..27119a1aa 100644 --- a/tools/fiptool/fiptool.c +++ b/tools/fiptool/fiptool.c 
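Review bot: The `#define _POSIX_C_SOURCE 200809L` added at the top of tools/cert_create/src/main.c is unguarded and has no comment saying which declaration it is there for. If the build ever passes a different value for this macro with `-D`, this line becomes a macro redefinition; wrapping it as `#ifndef _POSIX_C_SOURCE` / `#define _POSIX_C_SOURCE 200809L` / `#endif` avoids that. Judging by the local `strdup()` removed further down in the same file, the macro is presumably there so that `<string.h>` declares `strdup()` under a strict ISO C mode, and a comment such as `/* strdup() is POSIX.1-2008; must precede every #include */` would record that. The ordering matters: if the define is moved below an include, older compiler modes may fall back to an implicit `int`-returning declaration, which truncates the returned pointer on 64-bit hosts.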
@@ -1,12 +1,13 @@ /* - * Copyright (c) 2016-2023, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2016-2024, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ -#ifndef _MSC_VER +#ifdef __linux__ #include #endif + #include #include diff --git a/tools/nxp/cert_create_helper/src/pdef_tbb_key.c b/tools/nxp/cert_create_helper/src/pdef_tbb_key.c index cf2ebda3e..cd48866c7 100644 --- a/tools/nxp/cert_create_helper/src/pdef_tbb_key.c +++ b/tools/nxp/cert_create_helper/src/pdef_tbb_key.c @@ -6,7 +6,7 @@ #include -static key_t pdef_tbb_keys[] = { +static cert_key_t pdef_tbb_keys[] = { [DDR_FW_CONTENT_KEY - DDR_FW_CONTENT_KEY] = { .id = DDR_FW_CONTENT_KEY, .opt = "ddr-fw-key",
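Review bot: In tools/fiptool/fiptool.c the guard around the first include changes from `#ifndef _MSC_VER` to `#ifdef __linux__` with no comment, so every non-Linux, non-MSVC host that used to get this header (its name is not visible on this page) now builds without it. Any code in the rest of the file that relies on a symbol from that header has to sit behind the same condition or a feature check; that code is outside this hunk, so it is worth confirming. I would add a comment above the guard naming what the header provides and why it is Linux-only, and close it as `#endif /* __linux__ */`.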