• Manish Pandey's avatar
    cert_create: add SiP owned secure partitions support · 0792dd7d
    Manish Pandey authored
    
    
    Add support to generate certificate "sip-sp-cert" for Secure
    Partitions(SP) owned by Silicon provider(SiP).
    To avoid deviation from TBBR specification the support is only added for
    dualroot CoT and not for TBBR CoT.
    
    A single certificate file is generated containing hash of individual
    packages. Maximum 8 secure partitions are supported.
    
    Following new options added to cert_tool:
     --sip-sp-cert --> SiP owned Secure Partition Content Certificate
     --sp-pkg1 --> Secure Partition Package1 file
     --sp-pkg2
     .....
     --sp-pkg8
    
    Trusted world key pair is used for signing.
    
    Going forward, this feature can be extended for Platfrom owned
    Partitions, if required.
    Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
    Change-Id: Ia6dfbc1447cfb41b1fcbd12cf2bf7b88f409bd8d
    0792dd7d
firmware_image_package.h 4.79 KB