Key-OIDs that authenticate BL31, BL31(SOC)-FW config, and HW config
images have been explicitly entered.
Implementations of signer-ID consume these entries.
Change-Id: I24c9085ed5f266af06d40fb73302e35d857a9d5b
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Created an explicit zero-OID which can be used for Subject
Public Key that do not have their own key identifier.
With this, all keys (including the subject public key) have
a proper key OID string so we don't need to make a special
case of null pointers when it comes to handling key OIDs.
Change-Id: Ice6923951699b6e253d7fd87e4c1b912470e0391
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
with sha 0792dd7, support to generate certificate for Secure
Partitions was added for dualroot CoT only, this patch extends
this support for tbbr CoT.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I451c0333536dd1cbe17861d454bdb0dc7a17c63f
Add support to generate certificate "sip-sp-cert" for Secure
Partitions(SP) owned by Silicon provider(SiP).
To avoid deviation from TBBR specification the support is only added for
dualroot CoT and not for TBBR CoT.
A single certificate file is generated containing hash of individual
packages. Maximum 8 secure partitions are supported.
Following new options added to cert_tool:
--sip-sp-cert --> SiP owned Secure Partition Content Certificate
--sp-pkg1 --> Secure Partition Package1 file
--sp-pkg2
.....
--sp-pkg8
Trusted world key pair is used for signing.
Going forward, this feature can be extended for Platfrom owned
Partitions, if required.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ia6dfbc1447cfb41b1fcbd12cf2bf7b88f409bd8d
This new chain of trust defines 2 independent signing domains:
1) One for the silicon firmware (BL1, BL2, BL31) and optionally the
Trusted OS. It is rooted in the Silicon ROTPK, just as in the TBBR
CoT.
2) One for the Normal World Bootloader (BL33). It is rooted in a new key
called Platform ROTPK, or PROTPK for short.
In terms of certificates chain,
- Signing domain 1) is similar to what TBBR advocates (see page 21 of
the TBBR specification), except that the Non-Trusted World Public Key
has been removed from the Trusted Key Certificate.
- Signing domain 2) only contains the Non-Trusted World Content
certificate, which provides the hash of the Non-Trusted World
Bootloader. Compared to the TBBR CoT, there's no Non-Trusted World
Key certificate for simplicity.
Change-Id: I62f1e952522d84470acc360cf5ee63e4c4b0b4d9
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
