1. 03 Aug, 2018 3 commits
  2. 18 Jun, 2018 1 commit
  3. 18 May, 2018 1 commit
  4. 13 Apr, 2018 2 commits
    • Roberto Vargas's avatar
      Fix MISRA rule 8.4 Part 4 · 3b94189a
      Roberto Vargas authored
      
      
      Rule 8.4: A compatible declaration shall be visible when
                an object or function with external linkage is defined
      
      Fixed for:
      	make DEBUG=1 PLAT=fvp SPD=tspd TRUSTED_BOARD_BOOT=1 \
      	     GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
      	     ROT_KEY=arm_rotprivk_rsa.pem MBEDTLS_DIR=mbedtls all
      
      Change-Id: Ie4cd6011b3e4fdcdd94ccb97a7e941f3b5b7aeb8
      Signed-off-by: default avatarRoberto Vargas <roberto.vargas@arm.com>
      3b94189a
    • Roberto Vargas's avatar
      Fix MISRA rule 8.3 Part 4 · 735181b6
      Roberto Vargas authored
      
      
      Rule 8.3: All declarations of an object or function shall
                use the same names and type qualifiers
      
      Fixed for:
      	make DEBUG=1 PLAT=fvp SPD=tspd TRUSTED_BOARD_BOOT=1 \
      	     GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
      	     ROT_KEY=arm_rotprivk_rsa.pem MBEDTLS_DIR=mbedtls all
      
      Change-Id: Ia34fe1ae1f142e89c9a6c19831e3daf4d28f5831
      Signed-off-by: default avatarRoberto Vargas <roberto.vargas@arm.com>
      735181b6
  5. 27 Mar, 2018 1 commit
    • Joel Hutton's avatar
      Clean usage of void pointers to access symbols · 9f85f9e3
      Joel Hutton authored
      
      
      Void pointers have been used to access linker symbols, by declaring an
      extern pointer, then taking the address of it. This limits symbols
      values to aligned pointer values. To remove this restriction an
      IMPORT_SYM macro has been introduced, which declares it as a char
      pointer and casts it to the required type.
      
      Change-Id: I89877fc3b13ed311817bb8ba79d4872b89bfd3b0
      Signed-off-by: default avatarJoel Hutton <Joel.Hutton@Arm.com>
      9f85f9e3
  6. 26 Feb, 2018 1 commit
  7. 18 Jan, 2018 1 commit
  8. 21 Nov, 2017 1 commit
  9. 22 Sep, 2017 2 commits
  10. 31 Aug, 2017 2 commits
    • Soby Mathew's avatar
      cert_tool: Support for legacy RSA PKCS#1 v1.5 · a8eb286a
      Soby Mathew authored
      
      
      This patch enables choice of RSA version at run time to be used for
      generating signatures by the cert_tool. The RSA PSS as defined in
      PKCS#1 v2.1 becomes the default version and this patch enables to specify
      the RSA PKCS#1 v1.5 algorithm to `cert_create` through the command line
      -a option. Also, the build option `KEY_ALG` can be used to pass this
      option from the build system. Please note that RSA PSS is mandated
      by Trusted Board Boot requirements (TBBR) and legacy RSA support is
      being added for compatibility reasons.
      
      Fixes ARM-Software/tf-issues#499
      Change-Id: Ifaa3f2f7c9b43f3d7b3effe2cde76bf6745a5d73
      Co-Authored-By: default avatarEleanor Bonnici <Eleanor.bonnici@arm.com>
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      a8eb286a
    • Soby Mathew's avatar
      Export KEY_ALG as a user build option · 2091755c
      Soby Mathew authored
      
      
      The `KEY_ALG` variable is used to select the algorithm for key
      generation by `cert_create` tool for signing the certificates. This
      variable was previously undocumented and did not have a global default
      value. This patch corrects this and also adds changes to derive the
      value of `TF_MBEDTLS_KEY_ALG` based on `KEY_ALG` if it not set by the
      platform. The corresponding assignment of these variables are also now
      removed from the `arm_common.mk` makefile.
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      Change-Id: I78e2d6f4fc04ed5ad35ce2266118afb63127a5a4
      2091755c
  11. 09 Aug, 2017 1 commit
  12. 12 Jul, 2017 1 commit
    • Isla Mitchell's avatar
      Fix order of #includes · 2a4b4b71
      Isla Mitchell authored
      
      
      This fix modifies the order of system includes to meet the ARM TF coding
      standard. There are some exceptions in order to retain header groupings,
      minimise changes to imported headers, and where there are headers within
      the #if and #ifndef statements.
      
      Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
      Signed-off-by: default avatarIsla Mitchell <isla.mitchell@arm.com>
      2a4b4b71
  13. 28 Jun, 2017 2 commits
    • Soby Mathew's avatar
      Do basic CryptoCell LCS check · fd2b42f4
      Soby Mathew authored
      
      
      This patch implements the basic lifecycle state check when CryptoCell
      SBROM is initialized. Currently the check ensures that if the lifecycle
      state is Security Disabled (SD), the boot process does not proceed
      further.
      
      Change-Id: I5101335453cd3ea413e97bcfb9138a96c05e1aea
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      fd2b42f4
    • Soby Mathew's avatar
      Add CC crypto driver to the Auth module · 4eb20d99
      Soby Mathew authored
      
      
      This patch adds a crypto driver which utilizes the ARM® TrustZone®
      CryptoCell-712 to verify signature and hash during Trusted Board Boot. Along
      with this driver, the CryptoCell SBROM library is required to successfully
      build the BL image. The path to this library is specified via
      the `CCSBROM_LIB_PATH` variable. Please note that, mbedTLS is still required
      to do the X509 certificate ASN.1 parsing and CryptoCell is only utilized for
      signature and hash verification.
      
      Change-Id: If82dfbae0d7772ba1c64839f0b27850c103fe253
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      4eb20d99
  14. 06 Jun, 2017 1 commit
    • Antonio Nino Diaz's avatar
      mbedtls: Don't use tf_snprintf if option not defined · c46c18c5
      Antonio Nino Diaz authored
      
      
      If `MBEDTLS_PLATFORM_SNPRINTF_ALT` isn't used, the function
      `mbedtls_platform_set_snprintf()` isn't defined.
      
      In case a platform uses a different mbed TLS configuration file than
      the one provided by the Trusted Firmware, and it doesn't define the
      mentioned build option, this will result in a build error.
      
      This patch modifies the initialization code so that
      `mbedtls_platform_set_snprintf()` is only used if
      `MBEDTLS_PLATFORM_SNPRINTF_ALT` is defined, allowing platforms to use
      it or not depending on their needs.
      
      Change-Id: I1d5c86d57e9b2871ba463030bf89210ebec5178e
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      c46c18c5
  15. 05 Jun, 2017 2 commits
  16. 31 May, 2017 1 commit
    • Antonio Nino Diaz's avatar
      mbedtls: Define optimized mbed TLS heap size · 05fd893e
      Antonio Nino Diaz authored
      
      
      mbed TLS provides the debug API `mbedtls_memory_buffer_alloc_status()`
      to analyse the RAM usage of the library.
      
      When RSA is selected as algorithm, the maximum heap usage in FVP and
      Juno has been determined empirically to be approximately 5.5 KiB.
      However, The default heap size used when RSA is selected is 8 KiB.
      
      This patch reduces the buffer from 8 KiB to 6 KiB so that the BSS
      sections of both BL1 and BL2 are 2 KiB smaller when the firmware is
      compiled with TBB support.
      
      Change-Id: I43878a4e7af50c97be9c8d027c728c8483f24fbf
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      05fd893e
  17. 24 May, 2017 1 commit
    • Antonio Nino Diaz's avatar
      mbedtls: Use `tf_snprintf` instead of `snprintf` · ab1794f5
      Antonio Nino Diaz authored
      
      
      The Trusted Firmware uses a subset of the APIs provided by mbed TLS.
      This subset internally uses `snprintf`, but the only format specifier
      used is '%d', which is supported by `tf_snprintf`.
      
      This patch makes mbed TLS use `tf_snprintf` instead of `snprintf`,
      saving 3 KB in both debug and release builds when TBBR is enabled.
      
      Change-Id: I7f992a21015930d7c0f4660e7a28ceefd60b9597
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      ab1794f5
  18. 23 May, 2017 1 commit
    • Masahiro Yamada's avatar
      cert: move platform_oid.h to include/tools_share for all platforms · bb41eb7a
      Masahiro Yamada authored
      
      
      Platforms aligned with TBBR are supposed to use their own OIDs, but
      defining the same macros with different OIDs does not provide any
      value (at least technically).
      
      For easier use of TBBR, this commit allows platforms to reuse the OIDs
      obtained by ARM Ltd.  This will be useful for non-ARM vendors that
      do not need their own extension fields in their certificate files.
      
      The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h
      
      Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
      defining USE_TBBR_DEFS as 1.  USE_TBBR_DEFS is 0 by default to keep the
      backward compatibility.
      
      For clarification, I inserted a blank line between headers from the
      include/ directory (#include <...>) and ones from a local directory
      (#include "..." ).
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      bb41eb7a
  19. 12 May, 2017 2 commits
    • David Cunado's avatar
      mbedtls: Complete namespace for TF specific macros · 0aff7ad2
      David Cunado authored
      
      
      This patch renames MBEDTLS_KEY_ALG to TF_MBEDTLS_KEY_ALG. This
      completes the migration of TF specific macros so that they do not
      have the MBEDTLS_ suffix (see arm-trusted-firmware#874).
      
      Change-Id: Iad7632477e220b0af987c4db3cf52229fb127d00
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      0aff7ad2
    • David Cunado's avatar
      mbedtls: Namespace for TF specific macros · b1883510
      David Cunado authored
      
      
      An earlier patch (arm-trusted-firmware#874) migrated MBEDTLS_ suffixed
      macros to have a TBBR_ suffix to avoid any potential clash with future
      mbedtls macros.
      
      But on reflection the TBBR_ suffix could be confusing as the macros
      are used to drive TF-specific configuration of mbedtls. As such
      this patch migrates these macros from TBBR_suffix to TF_MBEDTLS_
      suffix which more accurately conveys their use.
      
      Change-Id: Ic87642b653ceeaa03d62f724976abd5e12e867d4
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      b1883510
  20. 03 May, 2017 1 commit
  21. 22 Mar, 2017 1 commit
    • dp-arm's avatar
      mbedtls: Namespace TF specific macros · 66b4c166
      dp-arm authored
      
      
      These macros are not part of mbed TLS so they should not be prefixed
      with `MBEDTLS_` to avoid potential collision in the future. Use the
      `TBBR_` suffix to highlight that they only used in TF.
      
      `MBEDTLS_KEY_ALG` was not modified because that is documented and used
      by platforms to select the key algorithm.
      
      Change-Id: Ief224681715c481691c80810501830ce16e210b0
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      66b4c166
  22. 16 Feb, 2017 1 commit
    • Antonio Nino Diaz's avatar
      Revert "tbbr: Use constant-time bcmp() to compare hashes" · fabd21ad
      Antonio Nino Diaz authored
      This reverts commit b621fb50
      
      .
      
      Because of the Trusted Firmware design, timing-safe functions are not
      needed. Using them may be misleading as it could be interpreted as being
      a protection against private data leakage, which isn't the case here.
      
      For each image, the SHA-256 hash is calculated. Some padding is appended
      and the result is encrypted with a private key using RSA-2048. This is
      the signature of the image. The public key is stored along with BL1 in
      read-only memory and the encrypted hash is stored in the FIP.
      
      When authenticating an image, the TF decrypts the hash stored in the FIP
      and recalculates the hash of the image. If they don't match, the boot
      sequence won't continue.
      
      A constant-time comparison does not provide additional security as all
      the data involved in this process is already known to any attacker.
      There is no private data that can leaked through a timing attack when
      authenticating an image.
      
      `timingsafe_bcmp()` is kept in the codebase because it could be useful
      in the future.
      
      Change-Id: I44bdcd58faa586a050cc89447e38c142508c9888
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      fabd21ad
  23. 06 Feb, 2017 1 commit
    • Douglas Raillard's avatar
      Replace some memset call by zeromem · 32f0d3c6
      Douglas Raillard authored
      
      
      Replace all use of memset by zeromem when zeroing moderately-sized
      structure by applying the following transformation:
      memset(x, 0, sizeof(x)) => zeromem(x, sizeof(x))
      
      As the Trusted Firmware is compiled with -ffreestanding, it forbids the
      compiler from using __builtin_memset and forces it to generate calls to
      the slow memset implementation. Zeromem is a near drop in replacement
      for this use case, with a more efficient implementation on both AArch32
      and AArch64.
      
      Change-Id: Ia7f3a90e888b96d056881be09f0b4d65b41aa79e
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      32f0d3c6
  24. 24 Jan, 2017 1 commit
    • Antonio Nino Diaz's avatar
      tbbr: Use constant-time bcmp() to compare hashes · b621fb50
      Antonio Nino Diaz authored
      
      
      To avoid timing side-channel attacks, it is needed to use a constant
      time memory comparison function when comparing hashes. The affected
      code only cheks for equality so it isn't needed to use any variant of
      memcmp(), bcmp() is enough.
      
      Also, timingsafe_bcmp() is as fast as memcmp() when the two compared
      regions are equal, so this change incurrs no performance hit in said
      case. In case they are unequal, the boot sequence wouldn't continue as
      normal, so performance is not an issue.
      
      Change-Id: I1c7c70ddfa4438e6031c8814411fef79fd3bb4df
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      b621fb50
  25. 19 Jan, 2017 1 commit
    • Antonio Nino Diaz's avatar
      Clear static variables in X509 parser on error · 51c5e1a2
      Antonio Nino Diaz authored
      
      
      In mbedtls_x509_parser.c there are some static arrays that are filled
      during the integrity check and then read whenever an authentication
      parameter is requested. However, they aren't cleared in case of an
      integrity check failure, which can be problematic from a security
      point of view. This patch clears these arrays in the case of failure.
      
      Change-Id: I9d48f5bc71fa13e5a75d6c45b5e34796ef13aaa2
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      51c5e1a2
  26. 06 Jan, 2017 1 commit
    • Masahiro Yamada's avatar
      TBB: fix comment about MBEDTLS_KEY_ALG default · a56f87c8
      Masahiro Yamada authored
      This comment block says the default algorithm is ESDSA, while the
      code obviously sets the default to RSA:
      
        ifeq (${MBEDTLS_KEY_ALG},)
            MBEDTLS_KEY_ALG            :=      rsa
        endif
      
      The git log of commit 7d37aa17
      
       ("TBB: add mbedTLS authentication
      related libraries") states available options are:
      
        * 'rsa' (for RSA-2048) (default option)
        * 'ecdsa' (for ECDSA-SECP256R1)
      
      So, my best guess is the comment block is wrong.
      
      The mismatch between the code and the comment is confusing. Fix it.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      a56f87c8
  27. 15 Dec, 2016 1 commit
    • dp-arm's avatar
      tbbr: Fix updating of Non-Trusted NV counter · d35dee23
      dp-arm authored
      
      
      The previous code required that a certificate be signed with the ROT
      key before the platform's NV counter could be updated with the value
      in the certificate.  This implies that the Non-Trusted NV counter was
      not being updated for Non-Trusted content certificates, as they cannot
      be signed with the ROT key in the TBBR CoT scheme.
      
      The code is reworked to only allow updating the platform's Trusted NV
      counter when a certificate protected by the Trusted NV counter is
      signed with the ROT key.
      
      Content certificates protected by the Non-Trusted NV counter are
      allowed to update the platform's Non-Trusted NV counter, assuming
      that the certificate value is higher than the platform's value.
      
      A new optional platform API has been introduced, named
      plat_set_nv_ctr2().  Platforms may choose to implement it and perform
      additional checks based on the authentication image descriptor before
      modifying the NV counters.  A default weak implementation is available
      that just calls into plat_set_nv_ctr().
      
      Fixes ARM-software/tf-issues#426
      
      Change-Id: I4fc978fd28a3007bc0cef972ff1f69ad0413b79c
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      d35dee23
  28. 03 Jun, 2016 1 commit
    • Soby Mathew's avatar
      Allow dynamic overriding of ROTPK verification · 04943d33
      Soby Mathew authored
      A production ROM with TBB enabled must have the ability to boot test software
      before a real ROTPK is deployed (e.g. manufacturing mode). Previously the
      function plat_get_rotpk_info() must return a valid ROTPK for TBB to succeed.
      This patch adds an additional bit `ROTPK_NOT_DEPLOYED` in the output `flags`
      parameter from plat_get_rotpk_info(). If this bit is set, then the ROTPK
      in certificate is used without verifying against the platform value.
      
      Fixes ARM-software/tf-issues#381
      
      Change-Id: Icbbffab6bff8ed76b72431ee21337f550d8fdbbb
      04943d33
  29. 31 Mar, 2016 1 commit
    • Juan Castillo's avatar
      TBB: add non-volatile counter support · 48279d52
      Juan Castillo authored
      This patch adds support for non-volatile counter authentication to
      the Authentication Module. This method consists of matching the
      counter values provided in the certificates with the ones stored
      in the platform. If the value from the certificate is lower than
      the platform, the boot process is aborted. This mechanism protects
      the system against rollback.
      
      The TBBR CoT has been updated to include this method as part of the
      authentication process. Two counters are used: one for the trusted
      world images and another for the non trusted world images.
      
      ** NEW PLATFORM APIs (mandatory when TBB is enabled) **
      
      int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr);
      
          This API returns the non-volatile counter value stored
          in the platform. The cookie in the first argument may be
          used to select the counter in case the platform provides
          more than one (i.e. TBSA compliant platforms must provide
          trusted and non-trusted counters). This cookie is specified
          in the CoT.
      
      int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr);
      
          This API sets a new counter value. The cookie may be
          used to select the counter to be updated.
      
      An implementation of these new APIs for ARM platforms is also
      provided. The values are obtained from the Trusted Non-Volatile
      Counters peripheral. The cookie is used to pass the extension OID.
      This OID may be interpreted by the platform to know which counter
      must return. On Juno, The trusted and non-trusted counter values
      have been tied to 31 and 223, respectively, and cannot be modified.
      
      ** IMPORTANT **
      
      THIS PATCH BREAKS THE BUILD WHEN TRUSTED_BOARD_BOOT IS ENABLED. THE
      NEW PLATFORM APIs INTRODUCED IN THIS PATCH MUST BE IMPLEMENTED IN
      ORDER TO SUCCESSFULLY BUILD TF.
      
      Change-Id: Ic943b76b25f2a37f490eaaab6d87b4a8b3cbc89a
      48279d52
  30. 05 Jan, 2016 1 commit
    • Sandrine Bailleux's avatar
      Always build with '-pedantic' · aa856917
      Sandrine Bailleux authored
      By default ARM TF is built with the '-pedantic' compiler flag, which
      helps detecting violations of the C standard. However, the mbed TLS
      library and its associated authentication module in TF used to fail
      building with this compiler flag. As a workaround, the mbed TLS
      authentication module makefile used to set the 'DISABLE_PEDANTIC'
      TF build flag.
      
      The compiler errors flagged by '-pedantic' in the mbed TLS library
      have been fixed between versions 1.3.9 and 2.2.0 and the library now
      properly builds with this compiler flag.
      
      This patch fixes the remaining compiler errors in the mbed TLS
      authentication module in TF and unsets the 'DISABLE_PEDANTIC' TF
      build flag. This means that TF is now always built with '-pedantic'.
      
      In particular, this patch:
      
       * Removes the final semi-colon in REGISTER_COT() macro.
      
         This semi-colon was causing the following error message:
      
         drivers/auth/tbbr/tbbr_cot.c:544:23: error: ISO C does not allow
         extra ';' outside of a function [-Werror=pedantic]
      
         This has been fixed both in the mbed TLS authentication module
         as well as in the certificate generation tool. Note that the latter
         code didn't need fixing since it is not built with '-pedantic' but
         the change has been propagated for consistency.
      
         Also fixed the REGISTER_KEYS() and REGISTER_EXTENSIONS() macros,
         which were suffering from the same issue.
      
       * Fixes a pointer type.
      
         It was causing the following error message:
      
         drivers/auth/mbedtls/mbedtls_crypto.c: In function 'verify_hash':
         drivers/auth/mbedtls/mbedtls_crypto.c:177:42: error: pointer of
         type 'void *' used in arithmetic [-Werror=pointer-arith]
      
      Change-Id: I7b7a04ef711efd65e17b5be26990d1a0d940257d
      aa856917
  31. 14 Dec, 2015 2 commits
    • Juan Castillo's avatar
      Replace all SCP FW (BL0, BL3-0) references · f59821d5
      Juan Castillo authored
      This patch replaces all references to the SCP Firmware (BL0, BL30,
      BL3-0, bl30) with the image terminology detailed in the TF wiki
      (https://github.com/ARM-software/arm-trusted-firmware/wiki):
      
          BL0          -->  SCP_BL1
          BL30, BL3-0  -->  SCP_BL2
          bl30         -->  scp_bl2
      
      This change affects code, documentation, build system, tools and
      platform ports that load SCP firmware. ARM plaforms have been
      updated to the new porting API.
      
      IMPORTANT: build option to specify the SCP FW image has changed:
      
          BL30 --> SCP_BL2
      
      IMPORTANT: This patch breaks compatibility for platforms that use BL2
      to load SCP firmware. Affected platforms must be updated as follows:
      
          BL30_IMAGE_ID --> SCP_BL2_IMAGE_ID
          BL30_BASE --> SCP_BL2_BASE
          bl2_plat_get_bl30_meminfo() --> bl2_plat_get_scp_bl2_meminfo()
          bl2_plat_handle_bl30() --> bl2_plat_handle_scp_bl2()
      
      Change-Id: I24c4c1a4f0e4b9f17c9e4929da815c4069549e58
      f59821d5
    • Juan Castillo's avatar
      TBB: apply TBBR naming convention to certificates and extensions · 516beb58
      Juan Castillo authored
      This patch applies the TBBR naming convention to the certificates
      and the corresponding extensions defined by the CoT:
      
          * Certificate UUID names
          * Certificate identifier names
          * OID names
      
      Changes apply to:
      
          * Generic code (variables and defines)
          * The default certificate identifiers provided in the generic
            code
          * Build system
          * ARM platforms port
          * cert_create tool internal definitions
          * fip_create and cert_create tools command line options
          * Documentation
      
      IMPORTANT: this change breaks the compatibility with platforms
      that use TBBR. The platform will need to adapt the identifiers
      and OIDs to the TBBR naming convention introduced by this patch:
      
      Certificate UUIDs:
      
          UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT --> UUID_TRUSTED_BOOT_FW_CERT
          UUID_SCP_FIRMWARE_BL30_KEY_CERT --> UUID_SCP_FW_KEY_CERT
          UUID_SCP_FIRMWARE_BL30_CERT --> UUID_SCP_FW_CONTENT_CERT
          UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT --> UUID_SOC_FW_KEY_CERT
          UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT --> UUID_SOC_FW_CONTENT_CERT
          UUID_SECURE_PAYLOAD_BL32_KEY_CERT --> UUID_TRUSTED_OS_FW_KEY_CERT
          UUID_SECURE_PAYLOAD_BL32_CERT --> UUID_TRUSTED_OS_FW_CONTENT_CERT
          UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT --> UUID_NON_TRUSTED_FW_KEY_CERT
          UUID_NON_TRUSTED_FIRMWARE_BL33_CERT --> UUID_NON_TRUSTED_FW_CONTENT_CERT
      
      Certificate identifiers:
      
          BL2_CERT_ID --> TRUSTED_BOOT_FW_CERT_ID
          BL30_KEY_CERT_ID --> SCP_FW_KEY_CERT_ID
          BL30_CERT_ID --> SCP_FW_CONTENT_CERT_ID
          BL31_KEY_CERT_ID --> SOC_FW_KEY_CERT_ID
          BL31_CERT_ID --> SOC_FW_CONTENT_CERT_ID
          BL32_KEY_CERT_ID --> TRUSTED_OS_FW_KEY_CERT_ID
          BL32_CERT_ID --> TRUSTED_OS_FW_CONTENT_CERT_ID
          BL33_KEY_CERT_ID --> NON_TRUSTED_FW_KEY_CERT_ID
          BL33_CERT_ID --> NON_TRUSTED_FW_CONTENT_CERT_ID
      
      OIDs:
      
          TZ_FW_NVCOUNTER_OID --> TRUSTED_FW_NVCOUNTER_OID
          NTZ_FW_NVCOUNTER_OID --> NON_TRUSTED_FW_NVCOUNTER_OID
          BL2_HASH_OID --> TRUSTED_BOOT_FW_HASH_OID
          TZ_WORLD_PK_OID --> TRUSTED_WORLD_PK_OID
          NTZ_WORLD_PK_OID --> NON_TRUSTED_WORLD_PK_OID
          BL30_CONTENT_CERT_PK_OID --> SCP_FW_CONTENT_CERT_PK_OID
          BL30_HASH_OID --> SCP_FW_HASH_OID
          BL31_CONTENT_CERT_PK_OID --> SOC_FW_CONTENT_CERT_PK_OID
          BL31_HASH_OID --> SOC_AP_FW_HASH_OID
          BL32_CONTENT_CERT_PK_OID --> TRUSTED_OS_FW_CONTENT_CERT_PK_OID
          BL32_HASH_OID --> TRUSTED_OS_FW_HASH_OID
          BL33_CONTENT_CERT_PK_OID --> NON_TRUSTED_FW_CONTENT_CERT_PK_OID
          BL33_HASH_OID --> NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID
          BL2U_HASH_OID --> AP_FWU_CFG_HASH_OID
          SCP_BL2U_HASH_OID --> SCP_FWU_CFG_HASH_OID
          NS_BL2U_HASH_OID --> FWU_HASH_OID
      
      Change-Id: I1e047ae046299ca913911c39ac3a6e123bd41079
      516beb58