Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 76a5a9b53781fd56f372339ae16319884f0b8f22^! / . / tools / cert_create / include
commit76a5a9b53781fd56f372339ae16319884f0b8f22[log] [tgz]
authorQixiang Xu <qixiang.xu@arm.com>Thu Nov 09 13:51:58 2017 +0800
committerQixiang Xu <qixiang.xu@arm.com>Tue Nov 21 14:16:18 2017 +0800
treea9dd4a6b777caf1946bbdbde44100d3545719a24
parentbd7b0ae265c5992ce76f74b03fac5c58672c2c17 [diff]
tools: add an option -hash-alg for cert_create

This option enables the user to select the secure hash algorithm
to be used for generating the hash. It supports the following
options:
    - sha256 (default)
    - sha384
    - sha512

Change-Id: Icb093cec1b5715e248c3d1c3749a2479a7ab4b89
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>

diff --git a/tools/cert_create/include/cert.h b/tools/cert_create/include/cert.h
index 256e7af..9b4ef5a 100644
--- a/tools/cert_create/include/cert.h
+++ b/tools/cert_create/include/cert.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -48,7 +48,13 @@
 int cert_init(void);
 cert_t *cert_get_by_opt(const char *opt);
 int cert_add_ext(X509 *issuer, X509 *subject, int nid, char *value);
-int cert_new(int key_alg, cert_t *cert, int days, int ca, STACK_OF(X509_EXTENSION) * sk);
+int cert_new(
+	int key_alg,
+	int md_alg,
+	cert_t *cert,
+	int days,
+	int ca,
+	STACK_OF(X509_EXTENSION) * sk);
 
 /* Macro to register the certificates used in the CoT */
 #define REGISTER_COT(_certs) \

diff --git a/tools/cert_create/include/key.h b/tools/cert_create/include/key.h
index 304fa61..1a253cc 100644
--- a/tools/cert_create/include/key.h
+++ b/tools/cert_create/include/key.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -30,6 +30,13 @@
 	KEY_ALG_MAX_NUM
 };
 
+/* Supported hash algorithms */
+enum{
+	HASH_ALG_SHA256,
+	HASH_ALG_SHA384,
+	HASH_ALG_SHA512,
+};
+
 /*
  * This structure contains the relevant information to create the keys
  * required to sign the certificates.

diff --git a/tools/cert_create/include/sha.h b/tools/cert_create/include/sha.h
index 6907fa1..4d07a1e 100644
--- a/tools/cert_create/include/sha.h
+++ b/tools/cert_create/include/sha.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -7,6 +7,6 @@
 #ifndef SHA_H_
 #define SHA_H_
 
-int sha_file(const char *filename, unsigned char *md);
+int sha_file(int md_alg, const char *filename, unsigned char *md);
 
 #endif /* SHA_H_ */