Commits · 7fa3214e18ad640208eaf6c8d6111ec53f3894aa · adam.huang / Arm Trusted Firmware

11 Feb, 2017 1 commit

cert_create: remove unneeded initializers · c893c733

Masahiro Yamada authored Feb 06, 2017



These variables store return values of functions.  Remove all of
meaningless initializers.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

c893c733

07 Jan, 2016 1 commit

cert_create: update help message · 159807e2

Juan Castillo authored Dec 15, 2015

The help message printed by the cert_create tool using the command
line option -h (or --help) does not correctly list all the available
command line options.

This patch reworks the print_help() function to print the help
messages in a data driven approach. For each command line option
registered, an optional help message can be specified, which will
be printed by print_help().

Help messages for the TBBR options (certificates, keys and images)
are also provided.

Fix a small bug in the short options string passed to getopt_long:
the ':' was missing in the '-a' option (this option must take an
argument).

Fixes ARM-software/tf-issues#337

Change-Id: I9d08c2dfd349022808fcc884724f677eefdc1452

159807e2

23 Oct, 2015 1 commit

cert_create: specify command line options in the CoT · ad2c1a9a

Juan Castillo authored Jul 03, 2015

This patch introduces a new API that allows to specify command
line options in the Chain of Trust description. These command line
options may be used to specify parameters related to the CoT (i.e.
keys or certificates), instead of keeping a hardcoded list of
options in main.c.

Change-Id: I282b0b01cb9add557b26bddc238a28253ce05e44

ad2c1a9a

16 Jul, 2015 1 commit

TBB: rework cert_create tool to follow a data driven approach · 55e291a4

Juan Castillo authored Jun 12, 2015

This patch reworks the certificate generation tool to follow a data
driven approach. The user may specify at build time the certificates,
keys and extensions defined in the CoT, register them using the
appropiate macros and the tool will take care of creating the
certificates corresponding to the CoT specified.

Change-Id: I29950b39343c3e1b71718fce0e77dcf2a9a0be2f

55e291a4

05 Mar, 2015 1 commit

TBB: use SHA256 to generate the certificate signatures · ea4ec3aa

Juan Castillo authored Feb 16, 2015

This patch replaces SHA1 by SHA256 in the 'cert_create' tool, so
certificate signatures are generated according to the NSA Suite B
cryptographic algorithm requirements.

Documentation updated accordingly.

Change-Id: I7be79e6b2b62dac8dc78a4f4f5006e37686bccf6

ea4ec3aa

28 Jan, 2015 1 commit

TBB: add tool to generate certificates · 6f971622

Juan Castillo authored Oct 21, 2014

This patch adds a tool that generates all the necessary elements
to establish the chain of trust (CoT) between the images.

The tool reads the binary images and signing keys and outputs the
corresponding certificates that will be used by the target at run
time to verify the authenticity of the images.

Note: the platform port must provide the file platform_oid.h. This
file will define the OIDs of the x509 extensions that will be added
to the certificates in order to establish the CoT.

Change-Id: I2734d6808b964a2107ab3a4805110698066a04be

6f971622