Skip to content

GitLab

Switch branch/tag
Find file Normal viewHistoryPermalink
tbbr_cot.c 21.3 KB
Newer Older
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
1 
/*
Sandrine Bailleux's avatar
TBBR: Reduce size of ECDSA key buffers    
Sandrine Bailleux committed
2 
 * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
3 
 *
dp-arm's avatar
Use SPDX license identifiers    
dp-arm committed
4 
 * SPDX-License-Identifier: BSD-3-Clause
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
5
6 
 */
Isla Mitchell's avatar
Fix order of #includes    
Isla Mitchell committed
7
8 
#include <stddef.h>
Antonio Nino Diaz's avatar
Sanitise includes across codebase    
Antonio Nino Diaz committed
9 
#include <platform_def.h>
Justin Chadwell's avatar
Support larger RSA key sizes when using MBEDTLS    
Justin Chadwell committed
10 
#include <drivers/auth/mbedtls/mbedtls_config.h>
Antonio Nino Diaz's avatar
Sanitise includes across codebase    
Antonio Nino Diaz committed
11
12 

#include <drivers/auth/auth_mod.h>
Masahiro Yamada's avatar
cert: move platform_oid.h to include/tools_share for all platforms    
Masahiro Yamada committed
13 
#if USE_TBBR_DEFS
Antonio Nino Diaz's avatar
Sanitise includes across codebase    
Antonio Nino Diaz committed
14 
#include <tools_share/tbbr_oid.h>
Masahiro Yamada's avatar
cert: move platform_oid.h to include/tools_share for all platforms    
Masahiro Yamada committed
15 
#else
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
16 
#include <platform_oid.h>
Masahiro Yamada's avatar
cert: move platform_oid.h to include/tools_share for all platforms    
Masahiro Yamada committed
17 
#endif
Isla Mitchell's avatar
Fix order of #includes    
Isla Mitchell committed
18
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
19
20 

/*
Sandrine Bailleux's avatar
TBBR: Reduce size of ECDSA key buffers    
Sandrine Bailleux committed
21
22
23
24
25
26 
 * Maximum key and hash sizes (in DER format).
 *
 * Both RSA and ECDSA keys may be used at the same time. In this case, the key
 * buffers must be big enough to hold either. As RSA keys are bigger than ECDSA
 * ones for all key sizes we support, they impose the minimum size of these
 * buffers.
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
27 
 */
Justin Chadwell's avatar
Support larger RSA key sizes when using MBEDTLS    
Justin Chadwell committed
28
29
30
31 
#if TF_MBEDTLS_USE_RSA
#if TF_MBEDTLS_KEY_SIZE == 1024
#define PK_DER_LEN			162
#elif TF_MBEDTLS_KEY_SIZE == 2048
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
32 
#define PK_DER_LEN			294
Justin Chadwell's avatar
Support larger RSA key sizes when using MBEDTLS    
Justin Chadwell committed
33
34
35
36
37
38
39 
#elif TF_MBEDTLS_KEY_SIZE == 3072
#define PK_DER_LEN			422
#elif TF_MBEDTLS_KEY_SIZE == 4096
#define PK_DER_LEN			550
#else
#error "Invalid value for TF_MBEDTLS_KEY_SIZE"
#endif
Sandrine Bailleux's avatar
TBBR: Reduce size of ECDSA key buffers    
Sandrine Bailleux committed
40
41 
#else /* Only using ECDSA keys. */
#define PK_DER_LEN			91
Justin Chadwell's avatar
Support larger RSA key sizes when using MBEDTLS    
Justin Chadwell committed
42
43 
#endif
Sandrine Bailleux's avatar
TBBR: Reduce size of hash buffers when possible    
Sandrine Bailleux committed
44
45
46
47
48 
#if TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA256
#define HASH_DER_LEN			51
#elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA384
#define HASH_DER_LEN			67
#elif TF_MBEDTLS_HASH_ALG_ID == TF_MBEDTLS_SHA512
Qixiang Xu's avatar
tbbr: Add build flag HASH_ALG to let the user to select the SHA    
Qixiang Xu committed
49 
#define HASH_DER_LEN			83
Sandrine Bailleux's avatar
TBBR: Reduce size of hash buffers when possible    
Sandrine Bailleux committed
50
51
52 
#else
#error "Invalid value for TF_MBEDTLS_HASH_ALG_ID"
#endif
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
53
54
55
56
57
58 

/*
 * The platform must allocate buffers to store the authentication parameters
 * extracted from the certificates. In this case, because of the way the CoT is
 * established, we can reuse some of the buffers on different stages
 */
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
59
Juan Castillo's avatar
TBB: apply TBBR naming convention to certificates and extensions    
Juan Castillo committed
60 
static unsigned char tb_fw_hash_buf[HASH_DER_LEN];
Soby Mathew's avatar
Dynamic cfg: Add HW and TB_FW configs to CoT    
Soby Mathew committed
61
62 
static unsigned char tb_fw_config_hash_buf[HASH_DER_LEN];
static unsigned char hw_config_hash_buf[HASH_DER_LEN];
Juan Castillo's avatar
TBB: apply TBBR naming convention to certificates and extensions    
Juan Castillo committed
63 
static unsigned char scp_fw_hash_buf[HASH_DER_LEN];
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
64
65
66 
static unsigned char nt_world_bl_hash_buf[HASH_DER_LEN];

#ifdef IMAGE_BL2
Juan Castillo's avatar
TBB: apply TBBR naming convention to certificates and extensions    
Juan Castillo committed
67
68 
static unsigned char soc_fw_hash_buf[HASH_DER_LEN];
static unsigned char tos_fw_hash_buf[HASH_DER_LEN];
Summer Qin's avatar
Support Trusted OS firmware extra images in TF tools    
Summer Qin committed
69
70 
static unsigned char tos_fw_extra1_hash_buf[HASH_DER_LEN];
static unsigned char tos_fw_extra2_hash_buf[HASH_DER_LEN];
Juan Castillo's avatar
TBB: apply TBBR naming convention to certificates and extensions    
Juan Castillo committed
71
72
73 
static unsigned char trusted_world_pk_buf[PK_DER_LEN];
static unsigned char non_trusted_world_pk_buf[PK_DER_LEN];
static unsigned char content_pk_buf[PK_DER_LEN];
Soby Mathew's avatar
Dynamic cfg: Enable support on CoT for other configs    
Soby Mathew committed
74
75
76 
static unsigned char soc_fw_config_hash_buf[HASH_DER_LEN];
static unsigned char tos_fw_config_hash_buf[HASH_DER_LEN];
static unsigned char nt_fw_config_hash_buf[HASH_DER_LEN];
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
77 
#endif
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
78
79
80
81 

/*
 * Parameter type descriptors
 */
Juan Castillo's avatar
TBB: add non-volatile counter support    
Juan Castillo committed
82
83
84 
static auth_param_type_desc_t trusted_nv_ctr = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_NV_CTR, TRUSTED_FW_NVCOUNTER_OID);
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
85
86
87
88
89
90
91
92
93 
static auth_param_type_desc_t subject_pk = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_PUB_KEY, 0);
static auth_param_type_desc_t sig = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_SIG, 0);
static auth_param_type_desc_t sig_alg = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_SIG_ALG, 0);
static auth_param_type_desc_t raw_data = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_RAW_DATA, 0);
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112 

static auth_param_type_desc_t tb_fw_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, TRUSTED_BOOT_FW_HASH_OID);
static auth_param_type_desc_t tb_fw_config_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, TRUSTED_BOOT_FW_CONFIG_HASH_OID);
static auth_param_type_desc_t hw_config_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, HW_CONFIG_HASH_OID);
#ifdef IMAGE_BL1
static auth_param_type_desc_t scp_bl2u_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, SCP_FWU_CFG_HASH_OID);
static auth_param_type_desc_t bl2u_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, AP_FWU_CFG_HASH_OID);
static auth_param_type_desc_t ns_bl2u_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, FWU_HASH_OID);
#endif /* IMAGE_BL1 */

#ifdef IMAGE_BL2
static auth_param_type_desc_t non_trusted_nv_ctr = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_NV_CTR, NON_TRUSTED_FW_NVCOUNTER_OID);
Juan Castillo's avatar
TBB: apply TBBR naming convention to certificates and extensions    
Juan Castillo committed
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128 
static auth_param_type_desc_t trusted_world_pk = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_PUB_KEY, TRUSTED_WORLD_PK_OID);
static auth_param_type_desc_t non_trusted_world_pk = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_PUB_KEY, NON_TRUSTED_WORLD_PK_OID);
static auth_param_type_desc_t scp_fw_content_pk = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_PUB_KEY, SCP_FW_CONTENT_CERT_PK_OID);
static auth_param_type_desc_t soc_fw_content_pk = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_PUB_KEY, SOC_FW_CONTENT_CERT_PK_OID);
static auth_param_type_desc_t tos_fw_content_pk = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_PUB_KEY, TRUSTED_OS_FW_CONTENT_CERT_PK_OID);
static auth_param_type_desc_t nt_fw_content_pk = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_PUB_KEY, NON_TRUSTED_FW_CONTENT_CERT_PK_OID);
static auth_param_type_desc_t scp_fw_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, SCP_FW_HASH_OID);
static auth_param_type_desc_t soc_fw_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, SOC_AP_FW_HASH_OID);
Soby Mathew's avatar
Dynamic cfg: Enable support on CoT for other configs    
Soby Mathew committed
129
130 
static auth_param_type_desc_t soc_fw_config_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, SOC_FW_CONFIG_HASH_OID);
Juan Castillo's avatar
TBB: apply TBBR naming convention to certificates and extensions    
Juan Castillo committed
131
132 
static auth_param_type_desc_t tos_fw_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, TRUSTED_OS_FW_HASH_OID);
Soby Mathew's avatar
Dynamic cfg: Enable support on CoT for other configs    
Soby Mathew committed
133
134 
static auth_param_type_desc_t tos_fw_config_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, TRUSTED_OS_FW_CONFIG_HASH_OID);
Summer Qin's avatar
Support Trusted OS firmware extra images in TF tools    
Summer Qin committed
135
136
137
138 
static auth_param_type_desc_t tos_fw_extra1_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, TRUSTED_OS_FW_EXTRA1_HASH_OID);
static auth_param_type_desc_t tos_fw_extra2_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, TRUSTED_OS_FW_EXTRA2_HASH_OID);
Juan Castillo's avatar
TBB: apply TBBR naming convention to certificates and extensions    
Juan Castillo committed
139
140 
static auth_param_type_desc_t nt_world_bl_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID);
Soby Mathew's avatar
Dynamic cfg: Enable support on CoT for other configs    
Soby Mathew committed
141
142 
static auth_param_type_desc_t nt_fw_config_hash = AUTH_PARAM_TYPE_DESC(
		AUTH_PARAM_HASH, NON_TRUSTED_FW_CONFIG_HASH_OID);
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
143
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
144
145
146 
#endif /* IMAGE_BL2 */
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
147
148
149 
	/*
	 * BL2
	 */
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
150
151
152
153 
static const auth_img_desc_t trusted_boot_fw_cert = {
	.img_id = TRUSTED_BOOT_FW_CERT_ID,
	.img_type = IMG_CERT,
	.parent = NULL,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
154 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
155
156
157
158
159
160
161 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &subject_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
162
163 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
164
165
166
167
168 
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &trusted_nv_ctr,
				.plat_nv_ctr = &trusted_nv_ctr
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
169
170
171 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
172 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191 
		[0] = {
			.type_desc = &tb_fw_hash,
			.data = {
				.ptr = (void *)tb_fw_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		},
		[1] = {
			.type_desc = &tb_fw_config_hash,
			.data = {
				.ptr = (void *)tb_fw_config_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		},
		[2] = {
			.type_desc = &hw_config_hash,
			.data = {
				.ptr = (void *)hw_config_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
192
193 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
194
195
196
197
198
199
200 
	}
	};
#ifdef IMAGE_BL1
static const auth_img_desc_t bl2_image = {
	.img_id = BL2_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_boot_fw_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
201 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
202
203
204
205
206 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &tb_fw_hash
Soby Mathew's avatar
Dynamic cfg: Add HW and TB_FW configs to CoT    
Soby Mathew committed
207
208 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
209
210
211
212
213
214
215
216 
	}
};
#endif /* IMAGE_BL1 */
/* HW Config */
static const auth_img_desc_t hw_config = {
	.img_id = HW_CONFIG_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_boot_fw_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
217 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
218
219
220
221
222 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &hw_config_hash
Soby Mathew's avatar
Dynamic cfg: Add HW and TB_FW configs to CoT    
Soby Mathew committed
223
224 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
225
226
227
228
229
230
231
232 
	}
};
/* TB FW Config */
#ifdef IMAGE_BL1
static const auth_img_desc_t tb_fw_config = {
	.img_id = TB_FW_CONFIG_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_boot_fw_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
233 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &tb_fw_config_hash
			}
		}
	}
};
#endif /* IMAGE_BL1 */
#ifdef IMAGE_BL2
/*
 * Trusted key certificate
 */
static const auth_img_desc_t trusted_key_cert = {
	.img_id = TRUSTED_KEY_CERT_ID,
	.img_type = IMG_CERT,
	.parent = NULL,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
252 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
253
254
255
256
257
258
259 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &subject_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
260
261 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
262
263
264
265
266 
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &trusted_nv_ctr,
				.plat_nv_ctr = &trusted_nv_ctr
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
267
268
269 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
270 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
271
272
273
274
275 
		[0] = {
			.type_desc = &trusted_world_pk,
			.data = {
				.ptr = (void *)trusted_world_pk_buf,
				.len = (unsigned int)PK_DER_LEN
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
276
277 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
278
279
280
281
282 
		[1] = {
			.type_desc = &non_trusted_world_pk,
			.data = {
				.ptr = (void *)non_trusted_world_pk_buf,
				.len = (unsigned int)PK_DER_LEN
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
283
284 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
285
286
287
288
289
290
291
292
293 
	}
};
/*
 * SCP Firmware
 */
static const auth_img_desc_t scp_fw_key_cert = {
	.img_id = SCP_FW_KEY_CERT_ID,
	.img_type = IMG_CERT,
	.parent = &trusted_key_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
294 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
295
296
297
298
299
300
301 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &trusted_world_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
302
303 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
304
305
306
307
308 
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &trusted_nv_ctr,
				.plat_nv_ctr = &trusted_nv_ctr
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
309
310
311 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
312 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
313
314
315
316
317 
		[0] = {
			.type_desc = &scp_fw_content_pk,
			.data = {
				.ptr = (void *)content_pk_buf,
				.len = (unsigned int)PK_DER_LEN
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
318
319 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
320
321
322
323
324
325 
	}
};
static const auth_img_desc_t scp_fw_content_cert = {
	.img_id = SCP_FW_CONTENT_CERT_ID,
	.img_type = IMG_CERT,
	.parent = &scp_fw_key_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
326 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
327
328
329
330
331
332
333 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &scp_fw_content_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
334
335 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
336
337
338
339
340 
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &trusted_nv_ctr,
				.plat_nv_ctr = &trusted_nv_ctr
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
341
342
343 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
344 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
345
346
347
348
349
350
351
352
353
354
355
356
357 
		[0] = {
			.type_desc = &scp_fw_hash,
			.data = {
				.ptr = (void *)scp_fw_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		}
	}
};
static const auth_img_desc_t scp_bl2_image = {
	.img_id = SCP_BL2_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &scp_fw_content_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
358 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &scp_fw_hash
			}
		}
	}
};
/*
 * SoC Firmware
 */
static const auth_img_desc_t soc_fw_key_cert = {
	.img_id = SOC_FW_KEY_CERT_ID,
	.img_type = IMG_CERT,
	.parent = &trusted_key_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
375 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
376
377
378
379
380
381
382 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &trusted_world_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
383
384 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
385
386
387
388
389 
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &trusted_nv_ctr,
				.plat_nv_ctr = &trusted_nv_ctr
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
390
391
392 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
393 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
394
395
396
397
398 
		[0] = {
			.type_desc = &soc_fw_content_pk,
			.data = {
				.ptr = (void *)content_pk_buf,
				.len = (unsigned int)PK_DER_LEN
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
399
400 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
401
402
403
404
405
406 
	}
};
static const auth_img_desc_t soc_fw_content_cert = {
	.img_id = SOC_FW_CONTENT_CERT_ID,
	.img_type = IMG_CERT,
	.parent = &soc_fw_key_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
407 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
408
409
410
411
412
413
414
415
416
417
418
419
420
421 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &soc_fw_content_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
			}
		},
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &trusted_nv_ctr,
				.plat_nv_ctr = &trusted_nv_ctr
Soby Mathew's avatar
Dynamic cfg: Enable support on CoT for other configs    
Soby Mathew committed
422
423
424 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
425 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
426
427
428
429
430 
		[0] = {
			.type_desc = &soc_fw_hash,
			.data = {
				.ptr = (void *)soc_fw_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
431
432 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
433
434
435
436
437 
		[1] = {
			.type_desc = &soc_fw_config_hash,
			.data = {
				.ptr = (void *)soc_fw_config_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
438
439 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
440
441
442
443
444
445 
	}
};
static const auth_img_desc_t bl31_image = {
	.img_id = BL31_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &soc_fw_content_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
446 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
447
448
449
450
451
452
453
454
455
456
457
458
459
460 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &soc_fw_hash
			}
		}
	}
};
/* SOC FW Config */
static const auth_img_desc_t soc_fw_config = {
	.img_id = SOC_FW_CONFIG_ID,
	.img_type = IMG_RAW,
	.parent = &soc_fw_content_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
461 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &soc_fw_config_hash
			}
		}
	}
};
/*
 * Trusted OS Firmware
 */
static const auth_img_desc_t trusted_os_fw_key_cert = {
	.img_id = TRUSTED_OS_FW_KEY_CERT_ID,
	.img_type = IMG_CERT,
	.parent = &trusted_key_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
478 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
479
480
481
482
483
484
485 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &trusted_world_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
486
487 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
488
489
490
491
492 
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &trusted_nv_ctr,
				.plat_nv_ctr = &trusted_nv_ctr
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
493
494
495 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
496 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
497
498
499
500
501 
		[0] = {
			.type_desc = &tos_fw_content_pk,
			.data = {
				.ptr = (void *)content_pk_buf,
				.len = (unsigned int)PK_DER_LEN
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
502
503 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
504
505
506
507
508
509 
	}
};
static const auth_img_desc_t trusted_os_fw_content_cert = {
	.img_id = TRUSTED_OS_FW_CONTENT_CERT_ID,
	.img_type = IMG_CERT,
	.parent = &trusted_os_fw_key_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
510 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
511
512
513
514
515
516
517
518
519
520
521
522
523
524 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &tos_fw_content_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
			}
		},
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &trusted_nv_ctr,
				.plat_nv_ctr = &trusted_nv_ctr
Summer Qin's avatar
Support Trusted OS firmware extra images in TF tools    
Summer Qin committed
525
526
527 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
528 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554 
		[0] = {
			.type_desc = &tos_fw_hash,
			.data = {
				.ptr = (void *)tos_fw_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		},
		[1] = {
			.type_desc = &tos_fw_extra1_hash,
			.data = {
				.ptr = (void *)tos_fw_extra1_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		},
		[2] = {
			.type_desc = &tos_fw_extra2_hash,
			.data = {
				.ptr = (void *)tos_fw_extra2_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		},
		[3] = {
			.type_desc = &tos_fw_config_hash,
			.data = {
				.ptr = (void *)tos_fw_config_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
Summer Qin's avatar
Support Trusted OS firmware extra images in TF tools    
Summer Qin committed
555
556 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
557
558
559
560
561
562 
	}
};
static const auth_img_desc_t bl32_image = {
	.img_id = BL32_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_os_fw_content_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
563 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
564
565
566
567
568 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &tos_fw_hash
Soby Mathew's avatar
Dynamic cfg: Enable support on CoT for other configs    
Soby Mathew committed
569
570 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
571
572
573
574
575
576 
	}
};
static const auth_img_desc_t bl32_extra1_image = {
	.img_id = BL32_EXTRA1_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_os_fw_content_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
577 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
578
579
580
581
582
583
584
585
586
587
588
589
590 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &tos_fw_extra1_hash
			}
		}
	}
};
static const auth_img_desc_t bl32_extra2_image = {
	.img_id = BL32_EXTRA2_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_os_fw_content_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
591 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
592
593
594
595
596
597
598
599
600
601
602
603
604
605 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &tos_fw_extra2_hash
			}
		}
	}
};
/* TOS FW Config */
static const auth_img_desc_t tos_fw_config = {
	.img_id = TOS_FW_CONFIG_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_os_fw_content_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
606 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &tos_fw_config_hash
			}
		}
	}
};
/*
 * Non-Trusted Firmware
 */
static const auth_img_desc_t non_trusted_fw_key_cert = {
	.img_id = NON_TRUSTED_FW_KEY_CERT_ID,
	.img_type = IMG_CERT,
	.parent = &trusted_key_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
623 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
624
625
626
627
628
629
630 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &non_trusted_world_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
631
632 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
633
634
635
636
637 
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &non_trusted_nv_ctr,
				.plat_nv_ctr = &non_trusted_nv_ctr
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
638
639
640 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
641 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
642
643
644
645
646
647
648
649
650
651
652
653
654 
		[0] = {
			.type_desc = &nt_fw_content_pk,
			.data = {
				.ptr = (void *)content_pk_buf,
				.len = (unsigned int)PK_DER_LEN
			}
		}
	}
};
static const auth_img_desc_t non_trusted_fw_content_cert = {
	.img_id = NON_TRUSTED_FW_CONTENT_CERT_ID,
	.img_type = IMG_CERT,
	.parent = &non_trusted_fw_key_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
655 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
656
657
658
659
660
661
662 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &nt_fw_content_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
663
664 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
665
666
667
668
669 
		[1] = {
			.type = AUTH_METHOD_NV_CTR,
			.param.nv_ctr = {
				.cert_nv_ctr = &non_trusted_nv_ctr,
				.plat_nv_ctr = &non_trusted_nv_ctr
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
670
671
672 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
673 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
674
675
676
677
678
679
680
681
682
683
684
685 
		[0] = {
			.type_desc = &nt_world_bl_hash,
			.data = {
				.ptr = (void *)nt_world_bl_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		},
		[1] = {
			.type_desc = &nt_fw_config_hash,
			.data = {
				.ptr = (void *)nt_fw_config_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
686
687 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
688
689
690
691
692
693 
	}
};
static const auth_img_desc_t bl33_image = {
	.img_id = BL33_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &non_trusted_fw_content_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
694 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
695
696
697
698
699
700
701
702
703
704
705
706
707
708 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &nt_world_bl_hash
			}
		}
	}
};
/* NT FW Config */
static const auth_img_desc_t nt_fw_config = {
	.img_id = NT_FW_CONFIG_ID,
	.img_type = IMG_RAW,
	.parent = &non_trusted_fw_content_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
709 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &nt_fw_config_hash
			}
		}
	}
};
#else  /* IMAGE_BL2 */
/*
 * FWU auth descriptor.
 */
static const auth_img_desc_t fwu_cert = {
	.img_id = FWU_CERT_ID,
	.img_type = IMG_CERT,
	.parent = NULL,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
727 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
728
729
730
731
732
733
734 
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param.sig = {
				.pk = &subject_pk,
				.sig = &sig,
				.alg = &sig_alg,
				.data = &raw_data
Soby Mathew's avatar
Dynamic cfg: Enable support on CoT for other configs    
Soby Mathew committed
735
736
737 
			}
		}
	},
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
738 
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
739
740
741
742
743 
		[0] = {
			.type_desc = &scp_bl2u_hash,
			.data = {
				.ptr = (void *)scp_fw_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
Yatharth Kochar's avatar
FWU: Add Generic Firmware Update framework support in BL1    
Yatharth Kochar committed
744
745 
			}
		},
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
746
747
748
749
750
751
752
753
754
755
756
757 
		[1] = {
			.type_desc = &bl2u_hash,
			.data = {
				.ptr = (void *)tb_fw_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		},
		[2] = {
			.type_desc = &ns_bl2u_hash,
			.data = {
				.ptr = (void *)nt_world_bl_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
Yatharth Kochar's avatar
FWU: Add Generic Firmware Update framework support in BL1    
Yatharth Kochar committed
758
759 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
760
761
762
763
764
765
766
767
768 
	}
};
/*
 * SCP_BL2U
 */
static const auth_img_desc_t scp_bl2u_image = {
	.img_id = SCP_BL2U_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &fwu_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
769 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
770
771
772
773
774 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &scp_bl2u_hash
Yatharth Kochar's avatar
FWU: Add Generic Firmware Update framework support in BL1    
Yatharth Kochar committed
775
776 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
777
778
779
780
781
782
783
784
785 
	}
};
/*
 * BL2U
 */
static const auth_img_desc_t bl2u_image = {
	.img_id = BL2U_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &fwu_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
786 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
787
788
789
790
791 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &bl2u_hash
Yatharth Kochar's avatar
FWU: Add Generic Firmware Update framework support in BL1    
Yatharth Kochar committed
792
793 
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
794
795
796
797
798
799
800
801
802 
	}
};
/*
 * NS_BL2U
 */
static const auth_img_desc_t ns_bl2u_image = {
	.img_id = NS_BL2U_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &fwu_cert,
Joel Hutton's avatar
cot-desc: optimise memory further    
Joel Hutton committed
803 
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
804
805
806
807
808 
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param.hash = {
				.data = &raw_data,
				.hash = &ns_bl2u_hash
Yatharth Kochar's avatar
FWU: Add Generic Firmware Update framework support in BL1    
Yatharth Kochar committed
809
810
811 
				}
			}
		}
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850 
	};
#endif /* IMAGE_BL2 */
/*
 * TBBR Chain of trust definition
 */

#ifdef IMAGE_BL1
static const auth_img_desc_t * const cot_desc[] = {
	[TRUSTED_BOOT_FW_CERT_ID]		=	&trusted_boot_fw_cert,
	[BL2_IMAGE_ID]				=	&bl2_image,
	[HW_CONFIG_ID]				=	&hw_config,
	[TB_FW_CONFIG_ID]			=	&tb_fw_config,
	[FWU_CERT_ID]				=	&fwu_cert,
	[SCP_BL2U_IMAGE_ID]			=	&scp_bl2u_image,
	[BL2U_IMAGE_ID]				=	&bl2u_image,
	[NS_BL2U_IMAGE_ID]			=	&ns_bl2u_image
};
#else /* IMAGE_BL2 */
static const auth_img_desc_t * const cot_desc[] = {
	[TRUSTED_BOOT_FW_CERT_ID]		=	&trusted_boot_fw_cert,
	[HW_CONFIG_ID]				=	&hw_config,
	[TRUSTED_KEY_CERT_ID]			=	&trusted_key_cert,
	[SCP_FW_KEY_CERT_ID]			=	&scp_fw_key_cert,
	[SCP_FW_CONTENT_CERT_ID]		=	&scp_fw_content_cert,
	[SCP_BL2_IMAGE_ID]			=	&scp_bl2_image,
	[SOC_FW_KEY_CERT_ID]			=	&soc_fw_key_cert,
	[SOC_FW_CONTENT_CERT_ID]		=	&soc_fw_content_cert,
	[BL31_IMAGE_ID]				=	&bl31_image,
	[SOC_FW_CONFIG_ID]			=	&soc_fw_config,
	[TRUSTED_OS_FW_KEY_CERT_ID]		=	&trusted_os_fw_key_cert,
	[TRUSTED_OS_FW_CONTENT_CERT_ID]		=	&trusted_os_fw_content_cert,
	[BL32_IMAGE_ID]				=	&bl32_image,
	[BL32_EXTRA1_IMAGE_ID]			=	&bl32_extra1_image,
	[BL32_EXTRA2_IMAGE_ID]			=	&bl32_extra2_image,
	[TOS_FW_CONFIG_ID]			=	&tos_fw_config,
	[NON_TRUSTED_FW_KEY_CERT_ID]		=	&non_trusted_fw_key_cert,
	[NON_TRUSTED_FW_CONTENT_CERT_ID]	=	&non_trusted_fw_content_cert,
	[BL33_IMAGE_ID]				=	&bl33_image,
	[NT_FW_CONFIG_ID]			=	&nt_fw_config,
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
851 
};
Joel Hutton's avatar
Reduce memory needed for CoT description    
Joel Hutton committed
852 
#endif
Juan Castillo's avatar
TBB: add TBBR Chain of Trust    
Juan Castillo committed
853
854
855 

/* Register the CoT in the authentication module */
REGISTER_COT(cot_desc);