cot.h 1.78 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
/*
 * Copyright (c) 2020, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#ifndef DUALROOT_COT_H
#define DUALROOT_COT_H

/* Certificates. */
enum {
	/* Certificates owned by the silicon provider. */
	TRUSTED_BOOT_FW_CERT,
	TRUSTED_KEY_CERT,
	SCP_FW_KEY_CERT,
	SCP_FW_CONTENT_CERT,
	SOC_FW_KEY_CERT,
	SOC_FW_CONTENT_CERT,
	TRUSTED_OS_FW_KEY_CERT,
	TRUSTED_OS_FW_CONTENT_CERT,
21
	SIP_SECURE_PARTITION_CONTENT_CERT,
22
23
24
25
	FWU_CERT,

	/* Certificates owned by the platform owner. */
	NON_TRUSTED_FW_CONTENT_CERT,
26
	PLAT_SECURE_PARTITION_CONTENT_CERT,
27
28
29
30
31
32
33
34
35
};

/* Certificate extensions. */
enum {
	/* Extensions used in certificates owned by the silicon provider. */
	TRUSTED_FW_NVCOUNTER_EXT,
	TRUSTED_BOOT_FW_HASH_EXT,
	TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
	HW_CONFIG_HASH_EXT,
36
	FW_CONFIG_HASH_EXT,
37
38
39
40
41
42
43
44
45
46
47
	TRUSTED_WORLD_PK_EXT,
	SCP_FW_CONTENT_CERT_PK_EXT,
	SCP_FW_HASH_EXT,
	SOC_FW_CONTENT_CERT_PK_EXT,
	SOC_AP_FW_HASH_EXT,
	SOC_FW_CONFIG_HASH_EXT,
	TRUSTED_OS_FW_CONTENT_CERT_PK_EXT,
	TRUSTED_OS_FW_HASH_EXT,
	TRUSTED_OS_FW_EXTRA1_HASH_EXT,
	TRUSTED_OS_FW_EXTRA2_HASH_EXT,
	TRUSTED_OS_FW_CONFIG_HASH_EXT,
48
49
50
51
52
53
54
55
	SP_PKG1_HASH_EXT,
	SP_PKG2_HASH_EXT,
	SP_PKG3_HASH_EXT,
	SP_PKG4_HASH_EXT,
	SP_PKG5_HASH_EXT,
	SP_PKG6_HASH_EXT,
	SP_PKG7_HASH_EXT,
	SP_PKG8_HASH_EXT,
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
	SCP_FWU_CFG_HASH_EXT,
	AP_FWU_CFG_HASH_EXT,
	FWU_HASH_EXT,

	/* Extensions used in certificates owned by the platform owner. */
	PROT_PK_EXT,
	NON_TRUSTED_FW_NVCOUNTER_EXT,
	NON_TRUSTED_FW_CONTENT_CERT_PK_EXT,
	NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT,
	NON_TRUSTED_FW_CONFIG_HASH_EXT,
};

/* Keys. */
enum {
	/* Keys owned by the silicon provider. */
	ROT_KEY,
	TRUSTED_WORLD_KEY,
	SCP_FW_CONTENT_CERT_KEY,
	SOC_FW_CONTENT_CERT_KEY,
	TRUSTED_OS_FW_CONTENT_CERT_KEY,

	/* Keys owned by the platform owner. */
	PROT_KEY,
};

#endif /* DUALROOT_COT_H */