author | danh-arm <dan.handley@arm.com> | 2016-04-07 17:10:44 +0100 |
---|---|---|
committer | danh-arm <dan.handley@arm.com> | 2016-04-07 17:10:44 +0100 |
commit | 5d29c7601561542b9bb1c07b398cd0c1db9feecf (patch) | |
tree | 10b084df5d83c662e6e12631b4b68794a9c21f29 | |
parent | a8f6e21eb4ba4b515955abc16ea9041bcf0009ed (diff) | |
parent | 48279d52a7e339e88b5088ce5a276bf169c71754 (diff) |
Merge pull request #572 from jcastillo-arm/jc/tbb_nvcounter
TBB NVcounter support
-rw-r--r-- | docs/porting-guide.md | 29 | ||||
-rw-r--r-- | drivers/auth/auth_mod.c | 84 | ||||
-rw-r--r-- | drivers/auth/mbedtls/mbedtls_x509_parser.c | 8 | ||||
-rw-r--r-- | drivers/auth/tbbr/tbbr_cot.c | 75 | ||||
-rw-r--r-- | include/drivers/auth/auth_common.h | 5 | ||||
-rw-r--r-- | include/plat/arm/soc/common/soc_css_def.h | 7 | ||||
-rw-r--r-- | include/plat/common/platform.h | 2 | ||||
-rw-r--r-- | make_helpers/tbbr/tbbr_tools.mk | 8 | ||||
-rw-r--r-- | plat/arm/board/common/board_arm_trusted_boot.c | 43 | ||||
-rw-r--r-- | plat/arm/board/common/board_common.mk | 5 | ||||
-rw-r--r-- | plat/arm/board/fvp/fvp_def.h | 8 | ||||
-rw-r--r-- | tools/cert_create/include/ext.h | 23 | ||||
-rw-r--r-- | tools/cert_create/src/main.c | 35 | ||||
-rw-r--r-- | tools/cert_create/src/tbbr/tbb_cert.c | 30 | ||||
-rw-r--r-- | tools/cert_create/src/tbbr/tbb_ext.c | 22 |
15 files changed, 342 insertions, 42 deletions
diff --git a/docs/porting-guide.md b/docs/porting-guide.md index f8d0ff38..3b6e242b 100644 --- a/docs/porting-guide.md +++ b/docs/porting-guide.md @@ -633,6 +633,35 @@ retrieved from the platform. The function also reports extra information related to the ROTPK in the flags parameter. +### Function: plat_get_nv_ctr() + + Argument : void *, unsigned int * + Return : int + +This function is mandatory when Trusted Board Boot is enabled. It returns the +non-volatile counter value stored in the platform in the second argument. The +cookie in the first argument may be used to select the counter in case the +platform provides more than one (for example, on platforms that use the default +TBBR CoT, the cookie will correspond to the OID values defined in +TRUSTED_FW_NVCOUNTER_OID or NON_TRUSTED_FW_NVCOUNTER_OID). + +The function returns 0 on success. Any other value means the counter value could +not be retrieved from the platform. + + +### Function: plat_set_nv_ctr() + + Argument : void *, unsigned int + Return : int + +This function is mandatory when Trusted Board Boot is enabled. It sets a new +counter value in the platform. The cookie in the first argument may be used to +select the counter (as explained in plat_get_nv_ctr()). + +The function returns 0 on success. Any other value means the counter value could +not be updated. + + 2.3 Common mandatory modifications --------------------------------- diff --git a/drivers/auth/auth_mod.c b/drivers/auth/auth_mod.c index bdd3c5a1..41845561 100644 --- a/drivers/auth/auth_mod.c +++ b/drivers/auth/auth_mod.c @@ -40,6 +40,9 @@ #include <stdint.h> #include <string.h> +/* ASN.1 tags */ +#define ASN1_INTEGER 0x02 + #define return_if_error(rc) \ do { \ if (rc != 0) { \ 
@@ -227,6 +230,83 @@ static int auth_signature(const auth_method_param_sig_t *param, } /* + * Authenticate by Non-Volatile counter + * + * To protect the system against rollback, the platform includes a non-volatile + * counter whose value can only be increased. All certificates include a counter + * value that should not be lower than the value stored in the platform. If the + * value is larger, the counter in the platform must be updated to the new + * value. + * + * Return: 0 = success, Otherwise = error + */ +static int auth_nvctr(const auth_method_param_nv_ctr_t *param, + const auth_img_desc_t *img_desc, + void *img, unsigned int img_len) +{ + char *p; + void *data_ptr = NULL; + unsigned int data_len, len, i; + unsigned int cert_nv_ctr, plat_nv_ctr; + int rc = 0; + + /* Get the counter value from current image. The AM expects the IPM + * to return the counter value as a DER encoded integer */ + rc = img_parser_get_auth_param(img_desc->img_type, param->cert_nv_ctr, + img, img_len, &data_ptr, &data_len); + return_if_error(rc); + + /* Parse the DER encoded integer */ + assert(data_ptr); + p = (char *)data_ptr; + if (*p != ASN1_INTEGER) { + /* Invalid ASN.1 integer */ + return 1; + } + p++; + + /* NV-counters are unsigned integers up to 32-bit */ + len = (unsigned int)(*p & 0x7f); + if ((*p & 0x80) || (len > 4)) { + return 1; + } + p++; + + /* Check the number is not negative */ + if (*p & 0x80) { + return 1; + } + + /* Convert to unsigned int. This code is for a little-endian CPU */ + cert_nv_ctr = 0; + for (i = 0; i < len; i++) { + cert_nv_ctr = (cert_nv_ctr << 8) | *p++; + } + + /* Get the counter from the platform */ + rc = plat_get_nv_ctr(param->plat_nv_ctr->cookie, &plat_nv_ctr); + return_if_error(rc); + + if (cert_nv_ctr < plat_nv_ctr) { + /* Invalid NV-counter */ + return 1; + } else if (cert_nv_ctr > plat_nv_ctr) { + if (img_desc->parent == NULL) { + /* This certificate has been signed with the ROT key. 
+ * Update the platform counter value */ + rc = plat_set_nv_ctr(param->plat_nv_ctr->cookie, + cert_nv_ctr); + return_if_error(rc); + } else { + /* Secondary certificates cannot modify the counter */ + return 1; + } + } + + return 0; +} + +/* * Return the parent id in the output parameter '*parent_id' * * Return value: @@ -310,6 +390,10 @@ int auth_mod_verify_img(unsigned int img_id, rc = auth_signature(&auth_method->param.sig, img_desc, img_ptr, img_len); break; + case AUTH_METHOD_NV_CTR: + rc = auth_nvctr(&auth_method->param.nv_ctr, + img_desc, img_ptr, img_len); + break; default: /* Unknown authentication method */ rc = 1; diff --git a/drivers/auth/mbedtls/mbedtls_x509_parser.c b/drivers/auth/mbedtls/mbedtls_x509_parser.c index 52e69719..1a6a9a75 100644 --- a/drivers/auth/mbedtls/mbedtls_x509_parser.c +++ b/drivers/auth/mbedtls/mbedtls_x509_parser.c @@ -405,6 +405,13 @@ static int check_integrity(void *img, unsigned int img_len) /* * Extract an authentication parameter from an X509v3 certificate + * + * This function returns a pointer to the extracted data and its length. + * Depending on the type of parameter, a pointer to the data stored in the + * certificate may be returned (i.e. an octet string containing a hash). Other + * data may need to be copied and formatted (i.e. integers). In the later case, + * a buffer of the correct type needs to be statically allocated, filled and + * returned. */ static int get_auth_param(const auth_param_type_desc_t *type_desc, void *img, unsigned int img_len, @@ -422,6 +429,7 @@ static int get_auth_param(const auth_param_type_desc_t *type_desc, *param_len = (unsigned int)tbs.len; break; case AUTH_PARAM_HASH: + case AUTH_PARAM_NV_CTR: /* All these parameters are included as X509v3 extensions */ rc = get_ext(type_desc->cookie, param, param_len); break; diff --git a/drivers/auth/tbbr/tbbr_cot.c b/drivers/auth/tbbr/tbbr_cot.c index 6023c784..dae35d13 100644 --- a/drivers/auth/tbbr/tbbr_cot.c +++ b/drivers/auth/tbbr/tbbr_cot.c 
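Review bot: The DER parse in auth_nvctr() never compares its reads with `data_len`: the tag byte, the length byte, the sign check and the conversion loop all dereference `p` on the assumption that the image parser returned at least `2 + len` bytes, and a length of zero still reads one value byte for the sign check. `p` is also a plain `char *`, so on a toolchain where char is signed, `*p++` would sign-extend any byte of 0x80 or above into `cert_nv_ctr`; an `unsigned char *` removes that dependency. Two comments are inaccurate: the shift loop is endian-independent rather than "for a little-endian CPU", and with the sign check plus `len > 4` the accepted range is 31 bits, not 32. The whole function is inside this hunk.

```c
	unsigned char *p;
	/* … unchanged: other locals, img_parser_get_auth_param() call … */

	/* A DER integer needs a tag, a length and at least one value byte */
	assert(data_ptr);
	if (data_len < 3) {
		return 1;
	}
	p = (unsigned char *)data_ptr;
	/* … unchanged: ASN1_INTEGER tag check, p++ … */

	/* Short-form length only; it must cover exactly the remaining bytes */
	len = (unsigned int)(*p & 0x7f);
	if ((*p & 0x80) || (len == 0) || (len > 4) || (len != data_len - 2)) {
		return 1;
	}
	p++;
	/* … unchanged: sign check, conversion loop, platform comparison … */
```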
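Review bot: The new header comment on get_auth_param() says integer parameters are copied into a statically allocated buffer, but the added `case AUTH_PARAM_NV_CTR:` takes the same `get_ext()` path as `AUTH_PARAM_HASH`, and no such buffer appears in either hunk of this file. get_ext() is outside the diff, so this may be handled there; if it instead returns a pointer into the certificate, the comment should say so and state that the returned bytes start at the ASN.1 INTEGER tag, since that is the first thing auth_nvctr() in auth_mod.c checks. In the same comment "i.e." is used where "e.g." is meant, and "later case" should read "latter case".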
@@ -56,6 +56,11 @@ static unsigned char content_pk_buf[PK_DER_LEN]; /* * Parameter type descriptors */ +static auth_param_type_desc_t trusted_nv_ctr = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_NV_CTR, TRUSTED_FW_NVCOUNTER_OID); +static auth_param_type_desc_t non_trusted_nv_ctr = AUTH_PARAM_TYPE_DESC( + AUTH_PARAM_NV_CTR, NON_TRUSTED_FW_NVCOUNTER_OID); + static auth_param_type_desc_t subject_pk = AUTH_PARAM_TYPE_DESC( AUTH_PARAM_PUB_KEY, 0); static auth_param_type_desc_t sig = AUTH_PARAM_TYPE_DESC( @@ -116,6 +121,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } } }, .authenticated_data = { @@ -158,6 +170,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } } }, .authenticated_data = { @@ -193,6 +212,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } } }, .authenticated_data = { @@ -218,6 +244,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } } }, .authenticated_data = { @@ -260,6 +293,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } } }, .authenticated_data = { 
@@ -285,6 +325,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } } }, .authenticated_data = { @@ -327,6 +374,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } } }, .authenticated_data = { @@ -352,6 +406,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &trusted_nv_ctr, + .plat_nv_ctr = &trusted_nv_ctr + } } }, .authenticated_data = { @@ -394,6 +455,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &non_trusted_nv_ctr, + .plat_nv_ctr = &non_trusted_nv_ctr + } } }, .authenticated_data = { @@ -419,6 +487,13 @@ static const auth_img_desc_t cot_desc[] = { .alg = &sig_alg, .data = &raw_data, } + }, + [1] = { + .type = AUTH_METHOD_NV_CTR, + .param.nv_ctr = { + .cert_nv_ctr = &non_trusted_nv_ctr, + .plat_nv_ctr = &non_trusted_nv_ctr + } } }, .authenticated_data = { diff --git a/include/drivers/auth/auth_common.h b/include/drivers/auth/auth_common.h index 52a895e4..456f69f2 100644 --- a/include/drivers/auth/auth_common.h +++ b/include/drivers/auth/auth_common.h @@ -46,6 +46,7 @@ typedef enum auth_param_type_enum { AUTH_PARAM_SIG_ALG, /* The image signature algorithm */ AUTH_PARAM_HASH, /* A hash (including the algorithm) */ AUTH_PARAM_PUB_KEY, /* A public key */ + AUTH_PARAM_NV_CTR, /* A non-volatile counter */ } auth_param_type_t; /* 
@@ -80,6 +81,7 @@ typedef enum auth_method_type_enum { AUTH_METHOD_NONE = 0, AUTH_METHOD_HASH, /* Authenticate by hash matching */ AUTH_METHOD_SIG, /* Authenticate by PK operation */ + AUTH_METHOD_NV_CTR, /* Authenticate by Non-Volatile Counter */ AUTH_METHOD_NUM /* Number of methods */ } auth_method_type_t; @@ -105,7 +107,8 @@ typedef struct auth_method_param_sig_s { * Parameters for authentication by NV counter */ typedef struct auth_method_param_nv_ctr_s { - auth_param_type_desc_t *nv_ctr; /* NV counter value */ + auth_param_type_desc_t *cert_nv_ctr; /* NV counter in certificate */ + auth_param_type_desc_t *plat_nv_ctr; /* NV counter in platform */ } auth_method_param_nv_ctr_t; /* diff --git a/include/plat/arm/soc/common/soc_css_def.h b/include/plat/arm/soc/common/soc_css_def.h index 428df4d2..f1396a6c 100644 --- a/include/plat/arm/soc/common/soc_css_def.h +++ b/include/plat/arm/soc/common/soc_css_def.h @@ -65,6 +65,13 @@ */ #define SOC_CSS_NIC400_APB4_BRIDGE 4 +/* Non-volatile counters */ +#define SOC_TRUSTED_NVCTR_BASE 0x7fe70000 +#define TFW_NVCTR_BASE (SOC_TRUSTED_NVCTR_BASE + 0x0000) +#define TFW_NVCTR_SIZE 4 +#define NTFW_CTR_BASE (SOC_TRUSTED_NVCTR_BASE + 0x0004) +#define NTFW_CTR_SIZE 4 + /* Keys */ #define SOC_KEYS_BASE 0x7fe80000 #define TZ_PUB_KEY_HASH_BASE (SOC_KEYS_BASE + 0x0000) diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index 6f0a8a0f..58575012 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -249,6 +249,8 @@ void bl32_plat_enable_mmu(uint32_t flags); ******************************************************************************/ int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len, unsigned int *flags); +int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr); +int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr); #if ENABLE_PLAT_COMPAT /* diff --git a/make_helpers/tbbr/tbbr_tools.mk b/make_helpers/tbbr/tbbr_tools.mk index e934d720..71d97473 100644 
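Review bot: `NTFW_CTR_BASE` and `NTFW_CTR_SIZE` in the soc_css_def.h hunk drop the `NV` that `TFW_NVCTR_BASE`, `TFW_NVCTR_SIZE` and the build variables `TFW_NVCTR_VAL`/`NTFW_NVCTR_VAL` carry, and the same pair is repeated in the fvp_def.h hunk. plat_get_nv_ctr() selects the counter register by these names, so I would rename them to `NTFW_NVCTR_BASE` and `NTFW_NVCTR_SIZE` in both headers and at that use, so that the trusted and non-trusted counters cannot be confused when reading the code. Neither `*_SIZE` macro is referenced in the hunks shown here; a short comment saying the size is in bytes would help whoever uses them first.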
--- a/make_helpers/tbbr/tbbr_tools.mk +++ b/make_helpers/tbbr/tbbr_tools.mk @@ -58,6 +58,14 @@ TRUSTED_KEY_CERT := ${BUILD_PLAT}/trusted_key.crt FWU_CERT := ${BUILD_PLAT}/fwu_cert.crt +# Default non-volatile counter values (overridable by the platform) +TFW_NVCTR_VAL ?= 0 +NTFW_NVCTR_VAL ?= 0 + +# Pass the non-volatile counters to the cert_create tool +$(eval $(call CERT_ADD_CMD_OPT,${TFW_NVCTR_VAL},--tfw-nvctr)) +$(eval $(call CERT_ADD_CMD_OPT,${NTFW_NVCTR_VAL},--ntfw-nvctr)) + # Add Trusted Key certificate to the fip_create and cert_create command line options $(eval $(call FIP_ADD_PAYLOAD,${TRUSTED_KEY_CERT},--trusted-key-cert)) $(eval $(call CERT_ADD_CMD_OPT,${TRUSTED_KEY_CERT},--trusted-key-cert)) diff --git a/plat/arm/board/common/board_arm_trusted_boot.c b/plat/arm/board/common/board_arm_trusted_boot.c index 103aafbf..7ae00cce 100644 --- a/plat/arm/board/common/board_arm_trusted_boot.c +++ b/plat/arm/board/common/board_arm_trusted_boot.c @@ -31,11 +31,14 @@ #include <arm_def.h> #include <assert.h> #include <platform.h> +#include <platform_oid.h> #include <stdint.h> #include <string.h> /* Weak definition may be overridden in specific platform */ #pragma weak plat_match_rotpk +#pragma weak plat_get_nv_ctr +#pragma weak plat_set_nv_ctr /* SHA256 algorithm */ #define SHA256_BYTES 32 
@@ -148,3 +151,43 @@ int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len, return 0; } +/* + * Return the non-volatile counter value stored in the platform. The cookie + * will contain the OID of the counter in the certificate. + * + * Return: 0 = success, Otherwise = error + */ +int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr) +{ + const char *oid; + uint32_t *nv_ctr_addr; + + assert(cookie != NULL); + assert(nv_ctr != NULL); + + oid = (const char *)cookie; + if (strcmp(oid, TRUSTED_FW_NVCOUNTER_OID) == 0) { + nv_ctr_addr = (uint32_t *)TFW_NVCTR_BASE; + } else if (strcmp(oid, NON_TRUSTED_FW_NVCOUNTER_OID) == 0) { + nv_ctr_addr = (uint32_t *)NTFW_CTR_BASE; + } else { + return 1; + } + + *nv_ctr = (unsigned int)(*nv_ctr_addr); + + return 0; +} + +/* + * Store a new non-volatile counter value. On Juno and FVP, the non-volatile + * counters are RO and cannot be modified. We expect the values in the + * certificates to always match the RO values so that this function is never + * called. + * + * Return: 0 = success, Otherwise = error + */ +int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr) +{ + return 1; +} diff --git a/plat/arm/board/common/board_common.mk b/plat/arm/board/common/board_common.mk index da6beec6..6ddc0c92 100644 --- a/plat/arm/board/common/board_common.mk +++ b/plat/arm/board/common/board_common.mk @@ -51,6 +51,11 @@ ifneq (${TRUSTED_BOARD_BOOT},0) endif $(eval $(call add_define,ARM_ROTPK_LOCATION_ID)) + # Certificate NV-Counters. Use values corresponding to tied off values in + # ARM development platforms + TFW_NVCTR_VAL ?= 31 + NTFW_NVCTR_VAL ?= 223 + BL1_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c BL2_SOURCES += plat/arm/board/common/board_arm_trusted_boot.c endif diff --git a/plat/arm/board/fvp/fvp_def.h b/plat/arm/board/fvp/fvp_def.h index dbca280c..b0f07ef5 100644 --- a/plat/arm/board/fvp/fvp_def.h +++ b/plat/arm/board/fvp/fvp_def.h 
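Review bot: plat_get_nv_ctr() reads the counter register through a plain `uint32_t *`, so the compiler is free to treat `*nv_ctr_addr` as ordinary memory; a device register that feeds an anti-rollback decision should be read through a volatile-qualified pointer, e.g. `const volatile uint32_t *nv_ctr_addr;` with the two casts changed to match. The comment on plat_set_nv_ctr() should also state the consequence for callers: because it always returns 1, auth_nvctr() rejects any ROT-signed certificate whose counter is higher than the tied-off value, so this weak default fails closed and never advances the counter. A platform with writable counters has to override both functions to get real rollback protection, and that belongs in the comment as well.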
@@ -69,7 +69,13 @@ #define PCIE_EXP_BASE 0x40000000 #define TZRNG_BASE 0x7fe60000 -#define TZNVCTR_BASE 0x7fe70000 + +/* Non-volatile counters */ +#define TRUSTED_NVCTR_BASE 0x7fe70000 +#define TFW_NVCTR_BASE (TRUSTED_NVCTR_BASE + 0x0000) +#define TFW_NVCTR_SIZE 4 +#define NTFW_CTR_BASE (TRUSTED_NVCTR_BASE + 0x0004) +#define NTFW_CTR_SIZE 4 /* Keys */ #define SOC_KEYS_BASE 0x7fe80000 diff --git a/tools/cert_create/include/ext.h b/tools/cert_create/include/ext.h index 82a4bcb9..95bde6ce 100644 --- a/tools/cert_create/include/ext.h +++ b/tools/cert_create/include/ext.h @@ -35,12 +35,18 @@ #include <openssl/x509v3.h> /* Extension types supported */ -enum { +enum ext_type_e { EXT_TYPE_NVCOUNTER, EXT_TYPE_PKEY, EXT_TYPE_HASH }; +/* NV-Counter types */ +enum nvctr_type_e { + NVCTR_TYPE_TFW, + NVCTR_TYPE_NTFW +}; + /* * This structure contains the relevant information to create the extensions * to be included in the certificates. This extensions will be used to @@ -50,20 +56,21 @@ typedef struct ext_s { const char *oid; /* OID of the extension */ const char *sn; /* Short name */ const char *ln; /* Long description */ + const char *opt; /* Command line option to specify data */ const char *help_msg; /* Help message */ + const char *arg; /* Argument passed from command line */ int asn1_type; /* OpenSSL ASN1 type of the extension data. * Supported types are: * - V_ASN1_INTEGER * - V_ASN1_OCTET_STRING */ - int type; - const char *opt; /* Command line option to specify data */ - /* Extension data (depends on extension type) */ + int type; /* See ext_type_e */ + + /* Extension attributes (depends on extension type) */ union { - const char *fn; /* File with extension data */ - int nvcounter; /* Non volatile counter */ - int key; /* Public key */ - } data; + int nvctr_type; /* See nvctr_type_e */ + int key; /* Index into array of registered public keys */ + } attr; int alias; /* In case OpenSSL provides an standard * extension of the same type, add the new 
diff --git a/tools/cert_create/src/main.c b/tools/cert_create/src/main.c index 3d2b4ba2..c87d9888 100644 --- a/tools/cert_create/src/main.c +++ b/tools/cert_create/src/main.c @@ -196,9 +196,17 @@ static void check_cmd_params(void) for (j = 0; j < cert->num_ext; j++) { ext = &extensions[cert->ext[j]]; switch (ext->type) { + case EXT_TYPE_NVCOUNTER: + /* Counter value must be specified */ + if ((!ext->optional) && (ext->arg == NULL)) { + ERROR("Value for '%s' not specified\n", + ext->ln); + exit(1); + } + break; case EXT_TYPE_PKEY: /* Key filename must be specified */ - key = &keys[ext->data.key]; + key = &keys[ext->attr.key]; if (!new_keys && key->fn == NULL) { ERROR("Key '%s' required by '%s' not " "specified\n", key->desc, @@ -211,15 +219,15 @@ static void check_cmd_params(void) * Binary image must be specified * unless it is explicitly made optional. */ - if ((!ext->optional) && (ext->data.fn == NULL)) { + if ((!ext->optional) && (ext->arg == NULL)) { ERROR("Image for '%s' not specified\n", ext->ln); exit(1); } break; default: - ERROR("Unknown extension type in '%s'\n", - ext->ln); + ERROR("Unknown extension type '%d' in '%s'\n", + ext->type, ext->ln); exit(1); break; } @@ -259,7 +267,7 @@ int main(int argc, char *argv[]) key_t *key = NULL; cert_t *cert = NULL; FILE *file = NULL; - int i, j, ext_nid; + int i, j, ext_nid, nvctr; int c, opt_idx = 0; const struct option *cmd_opt; const char *cur_opt; @@ -331,7 +339,7 @@ int main(int argc, char *argv[]) case CMD_OPT_EXT: cur_opt = cmd_opt_get_name(opt_idx); ext = ext_get_by_opt(cur_opt); - ext->data.fn = strdup(optarg); + ext->arg = strdup(optarg); break; case CMD_OPT_KEY: cur_opt = cmd_opt_get_name(opt_idx); 
@@ -420,11 +428,12 @@ int main(int argc, char *argv[]) */ switch (ext->type) { case EXT_TYPE_NVCOUNTER: + nvctr = atoi(ext->arg); CHECK_NULL(cert_ext, ext_new_nvcounter(ext_nid, - EXT_CRIT, ext->data.nvcounter)); + EXT_CRIT, nvctr)); break; case EXT_TYPE_HASH: - if (ext->data.fn == NULL) { + if (ext->arg == NULL) { if (ext->optional) { /* Include a hash filled with zeros */ memset(md, 0x0, SHA256_DIGEST_LENGTH); @@ -434,9 +443,9 @@ int main(int argc, char *argv[]) } } else { /* Calculate the hash of the file */ - if (!sha_file(ext->data.fn, md)) { + if (!sha_file(ext->arg, md)) { ERROR("Cannot calculate hash of %s\n", - ext->data.fn); + ext->arg); exit(1); } } @@ -446,11 +455,11 @@ int main(int argc, char *argv[]) break; case EXT_TYPE_PKEY: CHECK_NULL(cert_ext, ext_new_key(ext_nid, - EXT_CRIT, keys[ext->data.key].key)); + EXT_CRIT, keys[ext->attr.key].key)); break; default: - ERROR("Unknown extension type in %s\n", - cert->cn); + ERROR("Unknown extension type '%d' in %s\n", + ext->type, cert->cn); exit(1); } diff --git a/tools/cert_create/src/tbbr/tbb_cert.c b/tools/cert_create/src/tbbr/tbb_cert.c index 7a50ab35..8f7feb51 100644 --- a/tools/cert_create/src/tbbr/tbb_cert.c +++ b/tools/cert_create/src/tbbr/tbb_cert.c @@ -49,9 +49,10 @@ static cert_t tbb_certs[] = { .key = ROT_KEY, .issuer = TRUSTED_BOOT_FW_CERT, .ext = { + TRUSTED_FW_NVCOUNTER_EXT, TRUSTED_BOOT_FW_HASH_EXT }, - .num_ext = 1 + .num_ext = 2 }, [TRUSTED_KEY_CERT] = { .id = TRUSTED_KEY_CERT, @@ -62,10 +63,11 @@ static cert_t tbb_certs[] = { .key = ROT_KEY, .issuer = TRUSTED_KEY_CERT, .ext = { + TRUSTED_FW_NVCOUNTER_EXT, TRUSTED_WORLD_PK_EXT, NON_TRUSTED_WORLD_PK_EXT }, - .num_ext = 2 + .num_ext = 3 }, [SCP_FW_KEY_CERT] = { .id = SCP_FW_KEY_CERT, @@ -76,9 +78,10 @@ static cert_t tbb_certs[] = { .key = TRUSTED_WORLD_KEY, .issuer = SCP_FW_KEY_CERT, .ext = { + TRUSTED_FW_NVCOUNTER_EXT, SCP_FW_CONTENT_CERT_PK_EXT }, - .num_ext = 1 + .num_ext = 2 }, [SCP_FW_CONTENT_CERT] = { .id = SCP_FW_CONTENT_CERT, 
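Review bot: `nvctr = atoi(ext->arg);` in the EXT_TYPE_NVCOUNTER case accepts anything: a typo or an empty string silently becomes counter 0, a negative or out-of-range value goes to ext_new_nvcounter() unchecked, and `ext->arg` is still NULL at this point when the extension is marked optional, because check_cmd_params() only rejects a missing value for non-optional extensions. This number is the rollback floor written into signed certificates, so the tool should parse it with strtol() and refuse malformed input instead of issuing a certificate with an unintended counter. The sketch below needs `long val; char *end;` next to main()'s other locals plus <errno.h> and <limits.h>; if an optional counter is meant to have a default, that branch should set it explicitly rather than error out. main() extends beyond this hunk.

```c
		case EXT_TYPE_NVCOUNTER:
			if (ext->arg == NULL) {
				ERROR("Value for '%s' not specified\n", ext->ln);
				exit(1);
			}
			errno = 0;
			val = strtol(ext->arg, &end, 10);
			if (errno != 0 || end == ext->arg || *end != '\0' ||
			    val < 0 || val > INT_MAX) {
				ERROR("Invalid value '%s' for '%s'\n",
				      ext->arg, ext->ln);
				exit(1);
			}
			nvctr = (int)val;
			/* … unchanged: CHECK_NULL(cert_ext, ext_new_nvcounter(...)) … */
```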
@@ -89,9 +92,10 @@ static cert_t tbb_certs[] = { .key = SCP_FW_CONTENT_CERT_KEY, .issuer = SCP_FW_CONTENT_CERT, .ext = { + TRUSTED_FW_NVCOUNTER_EXT, SCP_FW_HASH_EXT }, - .num_ext = 1 + .num_ext = 2 }, [SOC_FW_KEY_CERT] = { .id = SOC_FW_KEY_CERT, @@ -102,9 +106,10 @@ static cert_t tbb_certs[] = { .key = TRUSTED_WORLD_KEY, .issuer = SOC_FW_KEY_CERT, .ext = { + TRUSTED_FW_NVCOUNTER_EXT, SOC_FW_CONTENT_CERT_PK_EXT }, - .num_ext = 1 + .num_ext = 2 }, [SOC_FW_CONTENT_CERT] = { .id = SOC_FW_CONTENT_CERT, @@ -115,9 +120,10 @@ static cert_t tbb_certs[] = { .key = SOC_FW_CONTENT_CERT_KEY, .issuer = SOC_FW_CONTENT_CERT, .ext = { + TRUSTED_FW_NVCOUNTER_EXT, SOC_AP_FW_HASH_EXT }, - .num_ext = 1 + .num_ext = 2 }, [TRUSTED_OS_FW_KEY_CERT] = { .id = TRUSTED_OS_FW_KEY_CERT, @@ -128,9 +134,10 @@ static cert_t tbb_certs[] = { .key = TRUSTED_WORLD_KEY, .issuer = TRUSTED_OS_FW_KEY_CERT, .ext = { + TRUSTED_FW_NVCOUNTER_EXT, TRUSTED_OS_FW_CONTENT_CERT_PK_EXT }, - .num_ext = 1 + .num_ext = 2 }, [TRUSTED_OS_FW_CONTENT_CERT] = { .id = TRUSTED_OS_FW_CONTENT_CERT, @@ -141,9 +148,10 @@ static cert_t tbb_certs[] = { .key = TRUSTED_OS_FW_CONTENT_CERT_KEY, .issuer = TRUSTED_OS_FW_CONTENT_CERT, .ext = { + TRUSTED_FW_NVCOUNTER_EXT, TRUSTED_OS_FW_HASH_EXT }, - .num_ext = 1 + .num_ext = 2 }, [NON_TRUSTED_FW_KEY_CERT] = { .id = NON_TRUSTED_FW_KEY_CERT, @@ -154,9 +162,10 @@ static cert_t tbb_certs[] = { .key = NON_TRUSTED_WORLD_KEY, .issuer = NON_TRUSTED_FW_KEY_CERT, .ext = { + NON_TRUSTED_FW_NVCOUNTER_EXT, NON_TRUSTED_FW_CONTENT_CERT_PK_EXT }, - .num_ext = 1 + .num_ext = 2 }, [NON_TRUSTED_FW_CONTENT_CERT] = { .id = NON_TRUSTED_FW_CONTENT_CERT, @@ -167,9 +176,10 @@ static cert_t tbb_certs[] = { .key = NON_TRUSTED_FW_CONTENT_CERT_KEY, .issuer = NON_TRUSTED_FW_CONTENT_CERT, .ext = { + NON_TRUSTED_FW_NVCOUNTER_EXT, NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT }, - .num_ext = 1 + .num_ext = 2 }, [FWU_CERT] = { .id = FWU_CERT, 
diff --git a/tools/cert_create/src/tbbr/tbb_ext.c b/tools/cert_create/src/tbbr/tbb_ext.c index 8bcb0704..5304bd5e 100644 --- a/tools/cert_create/src/tbbr/tbb_ext.c +++ b/tools/cert_create/src/tbbr/tbb_ext.c @@ -44,19 +44,23 @@ static ext_t tbb_ext[] = { [TRUSTED_FW_NVCOUNTER_EXT] = { .oid = TRUSTED_FW_NVCOUNTER_OID, + .opt = "tfw-nvctr", + .help_msg = "Trusted Firmware Non-Volatile counter value", .sn = "TrustedWorldNVCounter", .ln = "Trusted World Non-Volatile counter", .asn1_type = V_ASN1_INTEGER, .type = EXT_TYPE_NVCOUNTER, - .data.nvcounter = TRUSTED_WORLD_NVCTR_VALUE + .attr.nvctr_type = NVCTR_TYPE_TFW }, [NON_TRUSTED_FW_NVCOUNTER_EXT] = { .oid = NON_TRUSTED_FW_NVCOUNTER_OID, + .opt = "ntfw-nvctr", + .help_msg = "Non-Trusted Firmware Non-Volatile counter value", .sn = "NormalWorldNVCounter", - .ln = "Normal World Non-Volatile counter", + .ln = "Non-Trusted Firmware Non-Volatile counter", .asn1_type = V_ASN1_INTEGER, .type = EXT_TYPE_NVCOUNTER, - .data.nvcounter = NORMAL_WORLD_NVCTR_VALUE + .attr.nvctr_type = NVCTR_TYPE_NTFW }, [TRUSTED_BOOT_FW_HASH_EXT] = { .oid = TRUSTED_BOOT_FW_HASH_OID, @@ -73,7 +77,7 @@ static ext_t tbb_ext[] = { .ln = "Trusted World Public Key", .asn1_type = V_ASN1_OCTET_STRING, .type = EXT_TYPE_PKEY, - .data.key = TRUSTED_WORLD_KEY + .attr.key = TRUSTED_WORLD_KEY }, [NON_TRUSTED_WORLD_PK_EXT] = { .oid = NON_TRUSTED_WORLD_PK_OID, @@ -81,7 +85,7 @@ static ext_t tbb_ext[] = { .ln = "Non-Trusted World Public Key", .asn1_type = V_ASN1_OCTET_STRING, .type = EXT_TYPE_PKEY, - .data.key = NON_TRUSTED_WORLD_KEY + .attr.key = NON_TRUSTED_WORLD_KEY }, [SCP_FW_CONTENT_CERT_PK_EXT] = { .oid = SCP_FW_CONTENT_CERT_PK_OID, @@ -89,7 +93,7 @@ static ext_t tbb_ext[] = { .ln = "SCP Firmware content certificate public key", .asn1_type = V_ASN1_OCTET_STRING, .type = EXT_TYPE_PKEY, - .data.key = SCP_FW_CONTENT_CERT_KEY + .attr.key = SCP_FW_CONTENT_CERT_KEY }, [SCP_FW_HASH_EXT] = { .oid = SCP_FW_HASH_OID, 
@@ -106,7 +110,7 @@ static ext_t tbb_ext[] = { .ln = "SoC Firmware content certificate public key", .asn1_type = V_ASN1_OCTET_STRING, .type = EXT_TYPE_PKEY, - .data.key = SOC_FW_CONTENT_CERT_KEY + .attr.key = SOC_FW_CONTENT_CERT_KEY }, [SOC_AP_FW_HASH_EXT] = { .oid = SOC_AP_FW_HASH_OID, @@ -123,7 +127,7 @@ static ext_t tbb_ext[] = { .ln = "Trusted OS Firmware content certificate public key", .asn1_type = V_ASN1_OCTET_STRING, .type = EXT_TYPE_PKEY, - .data.key = TRUSTED_OS_FW_CONTENT_CERT_KEY + .attr.key = TRUSTED_OS_FW_CONTENT_CERT_KEY }, [TRUSTED_OS_FW_HASH_EXT] = { .oid = TRUSTED_OS_FW_HASH_OID, @@ -140,7 +144,7 @@ static ext_t tbb_ext[] = { .ln = "Non-Trusted Firmware content certificate public key", .asn1_type = V_ASN1_OCTET_STRING, .type = EXT_TYPE_PKEY, - .data.key = NON_TRUSTED_FW_CONTENT_CERT_KEY + .attr.key = NON_TRUSTED_FW_CONTENT_CERT_KEY }, [NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT] = { .oid = NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID, |