blob: 1d959d4657aa36d09e25053de15301c8986676e8 [file] [log] [blame]
Sandrine Bailleux5d505082020-01-10 14:32:30 +01001/*
2 * Copyright (c) 2020, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6
7#ifndef DUALROOT_COT_H
8#define DUALROOT_COT_H
9
10/* Certificates. */
11enum {
12 /* Certificates owned by the silicon provider. */
13 TRUSTED_BOOT_FW_CERT,
14 TRUSTED_KEY_CERT,
15 SCP_FW_KEY_CERT,
16 SCP_FW_CONTENT_CERT,
17 SOC_FW_KEY_CERT,
18 SOC_FW_CONTENT_CERT,
19 TRUSTED_OS_FW_KEY_CERT,
20 TRUSTED_OS_FW_CONTENT_CERT,
Manish Pandey0a658842020-05-22 12:27:28 +010021 SIP_SECURE_PARTITION_CONTENT_CERT,
Sandrine Bailleux5d505082020-01-10 14:32:30 +010022 FWU_CERT,
23
24 /* Certificates owned by the platform owner. */
25 NON_TRUSTED_FW_CONTENT_CERT,
26};
27
28/* Certificate extensions. */
29enum {
30 /* Extensions used in certificates owned by the silicon provider. */
31 TRUSTED_FW_NVCOUNTER_EXT,
32 TRUSTED_BOOT_FW_HASH_EXT,
33 TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
34 HW_CONFIG_HASH_EXT,
Manish V Badarkhea1ffcf72020-06-11 21:08:45 +010035 FW_CONFIG_HASH_EXT,
Sandrine Bailleux5d505082020-01-10 14:32:30 +010036 TRUSTED_WORLD_PK_EXT,
37 SCP_FW_CONTENT_CERT_PK_EXT,
38 SCP_FW_HASH_EXT,
39 SOC_FW_CONTENT_CERT_PK_EXT,
40 SOC_AP_FW_HASH_EXT,
41 SOC_FW_CONFIG_HASH_EXT,
42 TRUSTED_OS_FW_CONTENT_CERT_PK_EXT,
43 TRUSTED_OS_FW_HASH_EXT,
44 TRUSTED_OS_FW_EXTRA1_HASH_EXT,
45 TRUSTED_OS_FW_EXTRA2_HASH_EXT,
46 TRUSTED_OS_FW_CONFIG_HASH_EXT,
Manish Pandey0a658842020-05-22 12:27:28 +010047 SP_PKG1_HASH_EXT,
48 SP_PKG2_HASH_EXT,
49 SP_PKG3_HASH_EXT,
50 SP_PKG4_HASH_EXT,
51 SP_PKG5_HASH_EXT,
52 SP_PKG6_HASH_EXT,
53 SP_PKG7_HASH_EXT,
54 SP_PKG8_HASH_EXT,
Sandrine Bailleux5d505082020-01-10 14:32:30 +010055 SCP_FWU_CFG_HASH_EXT,
56 AP_FWU_CFG_HASH_EXT,
57 FWU_HASH_EXT,
58
59 /* Extensions used in certificates owned by the platform owner. */
60 PROT_PK_EXT,
61 NON_TRUSTED_FW_NVCOUNTER_EXT,
62 NON_TRUSTED_FW_CONTENT_CERT_PK_EXT,
63 NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT,
64 NON_TRUSTED_FW_CONFIG_HASH_EXT,
65};
66
67/* Keys. */
68enum {
69 /* Keys owned by the silicon provider. */
70 ROT_KEY,
71 TRUSTED_WORLD_KEY,
72 SCP_FW_CONTENT_CERT_KEY,
73 SOC_FW_CONTENT_CERT_KEY,
74 TRUSTED_OS_FW_CONTENT_CERT_KEY,
75
76 /* Keys owned by the platform owner. */
77 PROT_KEY,
78};
79
80#endif /* DUALROOT_COT_H */