mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-16 01:24:27 +00:00
0792dd7d64
Add support to generate certificate "sip-sp-cert" for Secure Partitions(SP) owned by Silicon provider(SiP). To avoid deviation from TBBR specification the support is only added for dualroot CoT and not for TBBR CoT. A single certificate file is generated containing hash of individual packages. Maximum 8 secure partitions are supported. Following new options added to cert_tool: --sip-sp-cert --> SiP owned Secure Partition Content Certificate --sp-pkg1 --> Secure Partition Package1 file --sp-pkg2 ..... --sp-pkg8 Trusted world key pair is used for signing. Going forward, this feature can be extended for Platfrom owned Partitions, if required. Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: Ia6dfbc1447cfb41b1fcbd12cf2bf7b88f409bd8d
31 lines
1.1 KiB
C
31 lines
1.1 KiB
C
/*
|
|
* Copyright (c) 2020, Arm Limited. All rights reserved.
|
|
*
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*/
|
|
|
|
#ifndef DUALROOT_OID_H
|
|
#define DUALROOT_OID_H
|
|
|
|
/* Reuse the Object IDs defined by TBBR for certificate extensions. */
|
|
#include "tbbr_oid.h"
|
|
|
|
/*
|
|
* Platform root-of-trust public key.
|
|
* Arbitrary value that does not conflict with any of the TBBR reserved OIDs.
|
|
*/
|
|
#define PROT_PK_OID "1.3.6.1.4.1.4128.2100.1102"
|
|
|
|
/*
|
|
* Secure Partitions Content Certificate
|
|
*/
|
|
#define SP_PKG1_HASH_OID "1.3.6.1.4.1.4128.2100.1301"
|
|
#define SP_PKG2_HASH_OID "1.3.6.1.4.1.4128.2100.1302"
|
|
#define SP_PKG3_HASH_OID "1.3.6.1.4.1.4128.2100.1303"
|
|
#define SP_PKG4_HASH_OID "1.3.6.1.4.1.4128.2100.1304"
|
|
#define SP_PKG5_HASH_OID "1.3.6.1.4.1.4128.2100.1305"
|
|
#define SP_PKG6_HASH_OID "1.3.6.1.4.1.4128.2100.1306"
|
|
#define SP_PKG7_HASH_OID "1.3.6.1.4.1.4128.2100.1307"
|
|
#define SP_PKG8_HASH_OID "1.3.6.1.4.1.4128.2100.1308"
|
|
|
|
#endif /* DUALROOT_OID_H */
|