- 12 Sep, 2019 2 commits
-
-
Justin Chadwell authored
Support for PKCS#1 v1.5 was deprecated in SHA 1001202d and fully removed in SHA fe199e3b , however, cert_tool is still able to generate certificates in that form. This patch fully removes the ability for cert_tool to generate these certificates. Additionally, this patch also fixes a bug where the issuing certificate was a RSA and the issued certificate was EcDSA. In this case, the issued certificate would be signed using PKCS#1 v1.5 instead of RSAPSS per PKCS#1 v2.1, preventing TF-A from verifying the image signatures. Now that PKCS#1 v1.5 support is removed, all certificates that are signed with RSA now use the more modern padding scheme. Change-Id: Id87d7d915be594a1876a73080528d968e65c4e9a Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
-
Justin Chadwell authored
cert_tool is now able to accept a command line option for specifying the key size. It now supports the following options: 1024, 2048 (default), 3072 and 4096. This is also modifiable by TFA using the build flag KEY_SIZE. Change-Id: Ifadecf84ade3763249ee8cc7123a8178f606f0e5 Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
-
- 16 Aug, 2019 1 commit
-
-
Justin Chadwell authored
The valgrind checks for cert_create have not been run in a long while - as such there are a few memory leaks present. This patch fixes a few of the major ones reported by valgrind. However, a few do remain. Change-Id: Iab002fb2b0090043287d43fb54a4d18928c2ed85 Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
-
- 12 Mar, 2019 1 commit
-
-
Paul Beesley authored
Change-Id: Iea72ef9ba16325cbce07eea1a975d2a96eede274 Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
- 08 Nov, 2018 1 commit
-
-
Antonio Nino Diaz authored
All identifiers, regardless of use, that start with two underscores are reserved. This means they can't be used in header guards. The style that this project is now to use the full name of the file in capital letters followed by 'H'. For example, for a file called "uart_example.h", the header guard is UART_EXAMPLE_H. The exceptions are files that are imported from other projects: - CryptoCell driver - dt-bindings folders - zlib headers Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 04 Oct, 2018 1 commit
-
-
Antonio Nino Diaz authored
HOSTCC should be used in any of the tools inside the tools/ directory instead of CC. That way it is possible to override both values from the command line when building the Trusted Firmware and the tools at the same time. Also, use HOSTCCFLAGS instead of CFLAGS. Also, instead of printing the strings CC and LD in the console during the compilation of the tools, HOSTCC and HOSTLD have to be used for clarity. This is how it is done in other projects like U-Boot or Linux. Change-Id: Icd6f74c31eb74cdd1c353583399ab19e173e293e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 06 Jul, 2018 1 commit
-
-
Ying-Chun Liu (PaulLiu) authored
Previously build_msg.o is built by CC. It causes FTBFS when CC is not equal to HOSTCC. Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
-
- 27 Jun, 2018 1 commit
-
-
Roberto Vargas authored
Print_help was used in different contexts and returning no error in that function was hiding the error when incorrect options were used. Change-Id: Ic3f71748be7ff8440c9d54810b986e9f177f4439 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 18 May, 2018 1 commit
-
-
Soby Mathew authored
This patch implements support for adding dynamic configurations for BL31 (soc_fw_config), BL32 (tos_fw_config) and BL33 (nt_fw_config). The necessary cert tool support and changes to default chain of trust are made for these configs. Change-Id: I25f266277b5b5501a196d2f2f79639d838794518 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 30 Apr, 2018 1 commit
-
-
Jonathan Wright authored
Spurious whitespace existed in the BINARY shell variable which meant the cert_tool executable was not being removed on 'make realclean'. Change-Id: Ibfd2fd17889514f6613e33c6df58d53b9232ec14 Signed-off-by: Jonathan Wright <jonathan.wright@arm.com>
-
- 05 Mar, 2018 1 commit
-
-
Heyi Guo authored
Since we use "?=" to set PLATFORM_ROOT, it is better to change the name to be more special, or else it may be overridden by some environment variables, such as in some CI build environments. Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
-
- 26 Feb, 2018 1 commit
-
-
Soby Mathew authored
This patch updates the `fiptool` and `cert_create` for the `hw_config` and `tb_fw_config` dynamic configuration files. The necessary UUIDs and OIDs are assigned to these files and the `cert_create` is updated to generate appropriate hashes and include them in the "Trusted Boot FW Certificate". The `fiptool` is updated to allow the configs to be specified via cmdline and included in the generated FIP. Change-Id: I940e751a49621ae681d14e162aa1f5697eb0cb15 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 21 Nov, 2017 1 commit
-
-
Qixiang Xu authored
This option enables the user to select the secure hash algorithm to be used for generating the hash. It supports the following options: - sha256 (default) - sha384 - sha512 Change-Id: Icb093cec1b5715e248c3d1c3749a2479a7ab4b89 Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
-
- 09 Oct, 2017 1 commit
-
-
Qixiang Xu authored
Commit a8eb286a introduced the following error when creating ECDSA certificates. ERROR: Error creating key 'Trusted World key' Makefile:634: recipe for target 'certificates' failed make: *** [certificates] Error 1 this patch adds the function to create PKCS#1 v1.5. Change-Id: Ief96d55969d5e9877aeb528c6bb503b560563537 Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
-
- 08 Oct, 2017 1 commit
-
-
Michalis Pappas authored
This patch fixes incompatibility issues that prevent building the cert_tool with OpenSSL >= v1.1.0. The changes introduced are still backwards compatible with OpenSSL v1.0.2. Fixes arm-software/trusted-fw#521 Signed-off-by: Michalis Pappas <mpappas@fastmail.fm>
-
- 11 Sep, 2017 1 commit
-
-
Soby Mathew authored
Using the OIDs defined in tbbr_oids.h is the recommended way to build the cert_create tool. This patch hence sets default value of the build flag USE_TBBR_DEFS to 1 in the Makefile in `tools/cert_create` folder when cert_create is built from this folder. Fixes ARM-software/tf-issues#482 Change-Id: Id1d224826b3417770bccbefa1b68d9bdb3b567f0 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 31 Aug, 2017 1 commit
-
-
Soby Mathew authored
This patch enables choice of RSA version at run time to be used for generating signatures by the cert_tool. The RSA PSS as defined in PKCS#1 v2.1 becomes the default version and this patch enables to specify the RSA PKCS#1 v1.5 algorithm to `cert_create` through the command line -a option. Also, the build option `KEY_ALG` can be used to pass this option from the build system. Please note that RSA PSS is mandated by Trusted Board Boot requirements (TBBR) and legacy RSA support is being added for compatibility reasons. Fixes ARM-Software/tf-issues#499 Change-Id: Ifaa3f2f7c9b43f3d7b3effe2cde76bf6745a5d73 Co-Authored-By: Eleanor Bonnici <Eleanor.bonnici@arm.com> Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 09 Aug, 2017 1 commit
-
-
Summer Qin authored
Since Trusted OS firmware may have extra images, need to assign new uuid and image id for them. The TBBR chain of trust has been extended to add support for the new images within the existing Trusted OS firmware content certificate. Change-Id: I678dac7ba1137e85c5779b05e0c4331134c10e06 Signed-off-by: Summer Qin <summer.qin@arm.com>
-
- 12 Jul, 2017 1 commit
-
-
Isla Mitchell authored
This fix modifies the order of system includes to meet the ARM TF coding standard. There are some exceptions in order to retain header groupings, minimise changes to imported headers, and where there are headers within the #if and #ifndef statements. Change-Id: I65085a142ba6a83792b26efb47df1329153f1624 Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
-
- 12 Jun, 2017 1 commit
-
-
dp-arm authored
When V is set from the command line, the value is passed to the tools' Makefiles as well. Change-Id: I91a1f66de5c1ae6f36b6c9f0a9bd550d4a30f092 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 05 Jun, 2017 1 commit
-
-
Soby Mathew authored
This patch modifies the `cert_create` tool to use RSASSA-PSS scheme for signing the certificates. This is compliant with RSA PKCS_2_1 standard as mandated by TBBR. Note that the certificates generated by using cert_create tool after this patch can be authenticated during TBB only if the corresponding mbedtls driver in ARM Trusted Firmware has the corresponding support. Change-Id: If224f41c76b3c4765ae2af5259e67f73602818a4 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 24 May, 2017 1 commit
-
-
dp-arm authored
Tools are built using the compiler specified in `HOSTCC` instead of reusing the `CC` variable. By default, gcc is used. Change-Id: I83636a375c61f4804b4e80784db9d061fe20af87 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 23 May, 2017 1 commit
-
-
Masahiro Yamada authored
Platforms aligned with TBBR are supposed to use their own OIDs, but defining the same macros with different OIDs does not provide any value (at least technically). For easier use of TBBR, this commit allows platforms to reuse the OIDs obtained by ARM Ltd. This will be useful for non-ARM vendors that do not need their own extension fields in their certificate files. The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the backward compatibility. For clarification, I inserted a blank line between headers from the include/ directory (#include <...>) and ones from a local directory (#include "..." ). Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 03 May, 2017 1 commit
-
-
dp-arm authored
To make software license auditing simpler, use SPDX[0] license identifiers instead of duplicating the license text in every file. NOTE: Files that have been imported by FreeBSD have not been modified. [0]: https://spdx.org/ Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 14 Feb, 2017 1 commit
-
-
dp-arm authored
cppcheck highlighted variables that were initialized but then later reassigned. Change-Id: Ie12742c01fd3bf48b2d6c05a3b448da91d57a2e4 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 11 Feb, 2017 3 commits
-
-
Masahiro Yamada authored
These variables store return values of functions. Remove all of meaningless initializers. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The ext_new_nvcounter() function calls i2d_ASN1_INTEGER() twice; the first call to get the return value "sz", and the second one for writing data into the buffer. This is actually redundant. We can do both by one function call. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
In the current code, both key_load() and key_create() call key_new() to allocate a key container (and they do not free it even if they fail). If a specific key is not given by the command option, key_load() fails, then key_create() is called. At this point, the key container that has been allocated in key_load() is still alive, and it is overwritten by a new key container created by key_create(). Move the key_new() call to the main() function to make sure it is called just once for each descriptor. While we are here, let's fix one more bug; the error handling code ERROR("Malloc error while loading '%s'\n", keys[i].fn); is wrong because keys[i].fn is NULL pointer unless a specific key is given by the command option. This code could be run in either case. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 05 Jul, 2016 1 commit
-
-
Yatharth Kochar authored
With the introduction of commit `96103d5a`, the Certificate Generation tool is not able to generate FWU certificate and while doing so it does segmentation fault. This happens because it is now required to pass non-volatile counter values to the `cert_create` tool from the command line for creating the trusted firmware certificates. But in case of creating FWU certificate these counter values are not being passed to the tool and as a consequence the `cert_create` tool try to use the NULL argument and errors out with Segmentation fault. This patch fixes this issue by providing a check before using the command line argument passed in the case of `EXT_TYPE_NVCOUNTER` certificate extension. Change-Id: Ie17d0c1502b52aaa8500f3659c2da2448ab0347a
-
- 01 Apr, 2016 5 commits
-
-
Evan Lloyd authored
In some build environments executable programs have a specific file extension. The value of BIN_EXT is appended to the relevant tool file names to allow for this. The value of BIN_EXT is set, where appropriate, by the build environment specific make helper (to .exe for Windows build environments). .gitignore is updated to hide the new (.exe) files. Change-Id: Icc32f64b750e425265075ad4e0dea18129640b86
-
Evan Lloyd authored
Add make helper files to select the appropriate settings for the build environment. Selection is made in make_helpers/build_env.mk, which selects other files to include using generic build environment settings. The Trusted Firmware Makefile and supporting tool Makefiles are updated to include build_env.mk instead of unix.mk. NOTE: This change does not fully enable builds in other build environments. It facilitates this without compromising the existing build environments. Change-Id: Ic4064ffe6ce158bbd16d7cc9f27dd4655a3580f6
-
Evan Lloyd authored
Macros are inserted to replace direct invocations of commands that are problematic on some build environments. (e.g. Some environments expect \ in paths instead of /.) The changes take into account mismatched command mappings across environments. The new helper file unix.mk retains existing makefile behaviour on unix like build environments by providing the following macro definitions: SHELL_COPY cp -f SHELL_COPY_TREE cp -rf SHELL_DELETE rm -f SHELL_DELETE_ALL rm -rf MAKE_PREREQ_DIR mkdir -p (As make target) SHELL_REMOVE_DIR rm -rf Change-Id: I1b5ca5e1208e78230b15284c4af00c1c006cffcb
-
Evan Lloyd authored
Update the cert_create Makefile to list realclean as .PHONY (like clean) Change-Id: I9dc8a61a11574a044372e0952b5b12b74e133747
-
Evan Lloyd authored
As an initial stage of making Trusted Firmware build environment more portable, we remove most uses of the $(shell ) function and replace them with more portable make function based solutions. Note that the setting of BUILD_STRING still uses $(shell ) since it's not possible to reimplement this as a make function. Avoiding invocation of this on incompatible host platforms will be implemented separately. Change-Id: I768e2f9a265c78814a4adf2edee4cc46cda0f5b8
-
- 30 Mar, 2016 1 commit
-
-
Juan Castillo authored
This patch adds non-volatile counter support to the Certificate Generation tool. The TBBR Chain of Trust definition in the tool has been extended to include the counters as certificate extensions. The counter values can be specified in the command line. The following default counter values are specified in the build system: * Trusted FW Non-Volatile counter = 0 * Non-Trusted FW Non-Volatile counter = 0 These values can be overridden by the platform at build time. Change-Id: I7ea10ee78d72748d181df4ee78a7169b3ef2720c
-
- 07 Jan, 2016 1 commit
-
-
Juan Castillo authored
The help message printed by the cert_create tool using the command line option -h (or --help) does not correctly list all the available command line options. This patch reworks the print_help() function to print the help messages in a data driven approach. For each command line option registered, an optional help message can be specified, which will be printed by print_help(). Help messages for the TBBR options (certificates, keys and images) are also provided. Fix a small bug in the short options string passed to getopt_long: the ':' was missing in the '-a' option (this option must take an argument). Fixes ARM-software/tf-issues#337 Change-Id: I9d08c2dfd349022808fcc884724f677eefdc1452
-
- 05 Jan, 2016 1 commit
-
-
Sandrine Bailleux authored
By default ARM TF is built with the '-pedantic' compiler flag, which helps detecting violations of the C standard. However, the mbed TLS library and its associated authentication module in TF used to fail building with this compiler flag. As a workaround, the mbed TLS authentication module makefile used to set the 'DISABLE_PEDANTIC' TF build flag. The compiler errors flagged by '-pedantic' in the mbed TLS library have been fixed between versions 1.3.9 and 2.2.0 and the library now properly builds with this compiler flag. This patch fixes the remaining compiler errors in the mbed TLS authentication module in TF and unsets the 'DISABLE_PEDANTIC' TF build flag. This means that TF is now always built with '-pedantic'. In particular, this patch: * Removes the final semi-colon in REGISTER_COT() macro. This semi-colon was causing the following error message: drivers/auth/tbbr/tbbr_cot.c:544:23: error: ISO C does not allow extra ';' outside of a function [-Werror=pedantic] This has been fixed both in the mbed TLS authentication module as well as in the certificate generation tool. Note that the latter code didn't need fixing since it is not built with '-pedantic' but the change has been propagated for consistency. Also fixed the REGISTER_KEYS() and REGISTER_EXTENSIONS() macros, which were suffering from the same issue. * Fixes a pointer type. It was causing the following error message: drivers/auth/mbedtls/mbedtls_crypto.c: In function 'verify_hash': drivers/auth/mbedtls/mbedtls_crypto.c:177:42: error: pointer of type 'void *' used in arithmetic [-Werror=pointer-arith] Change-Id: I7b7a04ef711efd65e17b5be26990d1a0d940257d
-
- 14 Dec, 2015 2 commits
-
-
Juan Castillo authored
This patch replaces all references to the SCP Firmware (BL0, BL30, BL3-0, bl30) with the image terminology detailed in the TF wiki (https://github.com/ARM-software/arm-trusted-firmware/wiki): BL0 --> SCP_BL1 BL30, BL3-0 --> SCP_BL2 bl30 --> scp_bl2 This change affects code, documentation, build system, tools and platform ports that load SCP firmware. ARM plaforms have been updated to the new porting API. IMPORTANT: build option to specify the SCP FW image has changed: BL30 --> SCP_BL2 IMPORTANT: This patch breaks compatibility for platforms that use BL2 to load SCP firmware. Affected platforms must be updated as follows: BL30_IMAGE_ID --> SCP_BL2_IMAGE_ID BL30_BASE --> SCP_BL2_BASE bl2_plat_get_bl30_meminfo() --> bl2_plat_get_scp_bl2_meminfo() bl2_plat_handle_bl30() --> bl2_plat_handle_scp_bl2() Change-Id: I24c4c1a4f0e4b9f17c9e4929da815c4069549e58
-
Juan Castillo authored
This patch applies the TBBR naming convention to the certificates and the corresponding extensions defined by the CoT: * Certificate UUID names * Certificate identifier names * OID names Changes apply to: * Generic code (variables and defines) * The default certificate identifiers provided in the generic code * Build system * ARM platforms port * cert_create tool internal definitions * fip_create and cert_create tools command line options * Documentation IMPORTANT: this change breaks the compatibility with platforms that use TBBR. The platform will need to adapt the identifiers and OIDs to the TBBR naming convention introduced by this patch: Certificate UUIDs: UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT --> UUID_TRUSTED_BOOT_FW_CERT UUID_SCP_FIRMWARE_BL30_KEY_CERT --> UUID_SCP_FW_KEY_CERT UUID_SCP_FIRMWARE_BL30_CERT --> UUID_SCP_FW_CONTENT_CERT UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT --> UUID_SOC_FW_KEY_CERT UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT --> UUID_SOC_FW_CONTENT_CERT UUID_SECURE_PAYLOAD_BL32_KEY_CERT --> UUID_TRUSTED_OS_FW_KEY_CERT UUID_SECURE_PAYLOAD_BL32_CERT --> UUID_TRUSTED_OS_FW_CONTENT_CERT UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT --> UUID_NON_TRUSTED_FW_KEY_CERT UUID_NON_TRUSTED_FIRMWARE_BL33_CERT --> UUID_NON_TRUSTED_FW_CONTENT_CERT Certificate identifiers: BL2_CERT_ID --> TRUSTED_BOOT_FW_CERT_ID BL30_KEY_CERT_ID --> SCP_FW_KEY_CERT_ID BL30_CERT_ID --> SCP_FW_CONTENT_CERT_ID BL31_KEY_CERT_ID --> SOC_FW_KEY_CERT_ID BL31_CERT_ID --> SOC_FW_CONTENT_CERT_ID BL32_KEY_CERT_ID --> TRUSTED_OS_FW_KEY_CERT_ID BL32_CERT_ID --> TRUSTED_OS_FW_CONTENT_CERT_ID BL33_KEY_CERT_ID --> NON_TRUSTED_FW_KEY_CERT_ID BL33_CERT_ID --> NON_TRUSTED_FW_CONTENT_CERT_ID OIDs: TZ_FW_NVCOUNTER_OID --> TRUSTED_FW_NVCOUNTER_OID NTZ_FW_NVCOUNTER_OID --> NON_TRUSTED_FW_NVCOUNTER_OID BL2_HASH_OID --> TRUSTED_BOOT_FW_HASH_OID TZ_WORLD_PK_OID --> TRUSTED_WORLD_PK_OID NTZ_WORLD_PK_OID --> NON_TRUSTED_WORLD_PK_OID BL30_CONTENT_CERT_PK_OID --> SCP_FW_CONTENT_CERT_PK_OID BL30_HASH_OID --> SCP_FW_HASH_OID BL31_CONTENT_CERT_PK_OID --> SOC_FW_CONTENT_CERT_PK_OID BL31_HASH_OID --> SOC_AP_FW_HASH_OID BL32_CONTENT_CERT_PK_OID --> TRUSTED_OS_FW_CONTENT_CERT_PK_OID BL32_HASH_OID --> TRUSTED_OS_FW_HASH_OID BL33_CONTENT_CERT_PK_OID --> NON_TRUSTED_FW_CONTENT_CERT_PK_OID BL33_HASH_OID --> NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID BL2U_HASH_OID --> AP_FWU_CFG_HASH_OID SCP_BL2U_HASH_OID --> SCP_FWU_CFG_HASH_OID NS_BL2U_HASH_OID --> FWU_HASH_OID Change-Id: I1e047ae046299ca913911c39ac3a6e123bd41079
-
- 09 Dec, 2015 1 commit
-
-
Yatharth Kochar authored
Firmware Update requires an X509v3 certificate which contains hashes for SCP_BL2U, BL2U and NS_BL2U images as extensions. This patch extends the Chain of Trust definition in the 'cert_create' tool to include the Firmware Update certificate and the required extensions (including command line options). A new field in the extension structure will be used to indicate that the extension is optional. In the case of an image hash extension, this field will tell the tool that the hash should be included in the certificate, but filled with zeros. Change-Id: I1f77a66b018826b71745910771f38d9cf6050388
-