ext.h 2.24 KB
Newer Older
1
2
3
/*
 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
 *
dp-arm's avatar
dp-arm committed
4
 * SPDX-License-Identifier: BSD-3-Clause
5
6
 */

7
8
#ifndef EXT_H
#define EXT_H
9
10

#include <openssl/x509v3.h>
Isla Mitchell's avatar
Isla Mitchell committed
11
#include "key.h"
12

13
/* Extension types supported */
14
enum ext_type_e {
15
16
17
18
19
	EXT_TYPE_NVCOUNTER,
	EXT_TYPE_PKEY,
	EXT_TYPE_HASH
};

20
21
22
23
24
25
/* NV-Counter types */
enum nvctr_type_e {
	NVCTR_TYPE_TFW,
	NVCTR_TYPE_NTFW
};

26
27
28
29
30
31
32
33
34
/*
 * This structure contains the relevant information to create the extensions
 * to be included in the certificates. This extensions will be used to
 * establish the chain of trust.
 */
typedef struct ext_s {
	const char *oid;	/* OID of the extension */
	const char *sn;		/* Short name */
	const char *ln;		/* Long description */
35
	const char *opt;	/* Command line option to specify data */
36
	const char *help_msg;	/* Help message */
37
	const char *arg;	/* Argument passed from command line */
38
	int asn1_type;		/* OpenSSL ASN1 type of the extension data.
39
40
41
42
				 * Supported types are:
				 *   - V_ASN1_INTEGER
				 *   - V_ASN1_OCTET_STRING
				 */
43
44
45
	int type;		/* See ext_type_e */

	/* Extension attributes (depends on extension type) */
46
	union {
47
48
49
		int nvctr_type;	/* See nvctr_type_e */
		int key;	/* Index into array of registered public keys */
	} attr;
50

51
52
53
54
55
56
57
58
	int alias;		/* In case OpenSSL provides an standard
				 * extension of the same type, add the new
				 * extension as an alias of this one
				 */

	X509V3_EXT_METHOD method; /* This field may be used to define a custom
				   * function to print the contents of the
				   * extension */
59
60

	int optional;	/* This field may be used optionally to exclude an image */
61
62
63
64
65
66
67
} ext_t;

enum {
	EXT_NON_CRIT = 0,
	EXT_CRIT = !EXT_NON_CRIT,
};

68
/* Exported API */
69
70
int ext_init(void);
ext_t *ext_get_by_opt(const char *opt);
71
72
X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
		unsigned char *buf, size_t len);
73
74
75
X509_EXTENSION *ext_new_nvcounter(int nid, int crit, int value);
X509_EXTENSION *ext_new_key(int nid, int crit, EVP_PKEY *k);

76
77
78
/* Macro to register the extensions used in the CoT */
#define REGISTER_EXTENSIONS(_ext) \
	ext_t *extensions = &_ext[0]; \
79
	const unsigned int num_extensions = sizeof(_ext)/sizeof(_ext[0])
80
81
82
83
84

/* Exported variables */
extern ext_t *extensions;
extern const unsigned int num_extensions;

85
#endif /* EXT_H */