feat(auth): add update of current_pk_oid in auth
Adding the set of current_pk_oid during the authentication process,
include the new file in auth makefile.
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: I3e05b8607060b424e34642d23e4960d2ef0f71f0
diff --git a/drivers/auth/auth_mod.c b/drivers/auth/auth_mod.c
index 8c5ff9d..05a8f45 100644
--- a/drivers/auth/auth_mod.c
+++ b/drivers/auth/auth_mod.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -14,6 +14,7 @@
#include <common/tbbr/cot_def.h>
#include <drivers/auth/auth_common.h>
#include <drivers/auth/auth_mod.h>
+#include <drivers/auth/auth_util.h>
#include <drivers/auth/crypto_mod.h>
#include <drivers/auth/img_parser_mod.h>
#include <drivers/fwu/fwu.h>
@@ -188,6 +189,18 @@
return rc;
}
+ /*
+ * Set Zero-OID for ROTPK(subject key) as a the certificate
+ * does not hold Key-OID information for ROTPK.
+ */
+ if (param->pk->cookie != NULL) {
+ pk_oid = param->pk->cookie;
+ } else {
+ pk_oid = ZERO_OID;
+ }
+
+ set_current_pk_oid(pk_oid);
+
/* Get the public key from the parent. If there is no parent (NULL),
* the certificate has been signed with the ROTPK, so we have to get
* the PK from the platform */
@@ -268,16 +281,6 @@
}
/*
- * Set Zero-OID for ROTPK(subject key) as a the certificate
- * does not hold Key-OID information for ROTPK.
- */
- if (param->pk->cookie != NULL) {
- pk_oid = param->pk->cookie;
- } else {
- pk_oid = ZERO_OID;
- }
-
- /*
* Public key is verified at this stage, notify platform
* to measure and publish it.
*/