Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 1 | /* |
Tamas Ban | 322e183 | 2024-01-24 13:20:52 +0100 | [diff] [blame] | 2 | * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved. |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 3 | * |
dp-arm | fa3cf0b | 2017-05-03 09:38:09 +0100 | [diff] [blame] | 4 | * SPDX-License-Identifier: BSD-3-Clause |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 5 | */ |
| 6 | |
Antonio Nino Diaz | 5eb8837 | 2018-11-08 10:20:19 +0000 | [diff] [blame] | 7 | #ifndef TBBR_OID_H |
| 8 | #define TBBR_OID_H |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 9 | |
Manish V Badarkhe | 6dcbfa1 | 2023-07-19 10:39:08 +0100 | [diff] [blame] | 10 | #include "zero_oid.h" |
| 11 | |
Manish V Badarkhe | 39317ab | 2020-07-23 10:43:57 +0100 | [diff] [blame] | 12 | #define MAX_OID_NAME_LEN 30 |
| 13 | |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 14 | /* |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 15 | * The following is a list of OID values defined and reserved by ARM, which |
| 16 | * are used to define the extension fields of the certificate structure, as |
| 17 | * defined in the Trusted Board Boot Requirements (TBBR) specification, |
| 18 | * ARM DEN0006C-1. |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 19 | */ |
| 20 | |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 21 | |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 22 | /* TrustedFirmwareNVCounter - Non-volatile counter extension */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 23 | #define TRUSTED_FW_NVCOUNTER_OID "1.3.6.1.4.1.4128.2100.1" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 24 | /* NonTrustedFirmwareNVCounter - Non-volatile counter extension */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 25 | #define NON_TRUSTED_FW_NVCOUNTER_OID "1.3.6.1.4.1.4128.2100.2" |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 26 | |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 27 | |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 28 | /* |
| 29 | * Non-Trusted Firmware Updater Certificate |
| 30 | */ |
| 31 | |
| 32 | /* APFirmwareUpdaterConfigHash - BL2U */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 33 | #define AP_FWU_CFG_HASH_OID "1.3.6.1.4.1.4128.2100.101" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 34 | /* SCPFirmwareUpdaterConfigHash - SCP_BL2U */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 35 | #define SCP_FWU_CFG_HASH_OID "1.3.6.1.4.1.4128.2100.102" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 36 | /* FirmwareUpdaterHash - NS_BL2U */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 37 | #define FWU_HASH_OID "1.3.6.1.4.1.4128.2100.103" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 38 | /* TrustedWatchdogRefreshTime */ |
| 39 | #define TRUSTED_WATCHDOG_TIME_OID "1.3.6.1.4.1.4128.2100.104" |
| 40 | |
| 41 | |
| 42 | /* |
| 43 | * Trusted Boot Firmware Certificate |
| 44 | */ |
| 45 | |
| 46 | /* TrustedBootFirmwareHash - BL2 */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 47 | #define TRUSTED_BOOT_FW_HASH_OID "1.3.6.1.4.1.4128.2100.201" |
Soby Mathew | 2ffb473 | 2017-11-07 16:50:31 +0000 | [diff] [blame] | 48 | #define TRUSTED_BOOT_FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.202" |
| 49 | #define HW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.203" |
Manish V Badarkhe | a1ffcf7 | 2020-06-11 21:08:45 +0100 | [diff] [blame] | 50 | #define FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.204" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 51 | |
| 52 | /* |
| 53 | * Trusted Key Certificate |
| 54 | */ |
| 55 | |
| 56 | /* PrimaryDebugCertificatePK */ |
| 57 | #define PRIMARY_DEBUG_PK_OID "1.3.6.1.4.1.4128.2100.301" |
| 58 | /* TrustedWorldPK */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 59 | #define TRUSTED_WORLD_PK_OID "1.3.6.1.4.1.4128.2100.302" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 60 | /* NonTrustedWorldPK */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 61 | #define NON_TRUSTED_WORLD_PK_OID "1.3.6.1.4.1.4128.2100.303" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 62 | |
| 63 | |
| 64 | /* |
| 65 | * Trusted Debug Certificate |
| 66 | */ |
| 67 | |
| 68 | /* DebugScenario */ |
| 69 | #define TRUSTED_DEBUG_SCENARIO_OID "1.3.6.1.4.1.4128.2100.401" |
| 70 | /* SoC Specific */ |
| 71 | #define TRUSTED_DEBUG_SOC_SPEC_OID "1.3.6.1.4.1.4128.2100.402" |
| 72 | /* SecondaryDebugCertPK */ |
| 73 | #define SECONDARY_DEBUG_PK_OID "1.3.6.1.4.1.4128.2100.403" |
| 74 | |
| 75 | |
| 76 | /* |
| 77 | * SoC Firmware Key Certificate |
| 78 | */ |
| 79 | |
| 80 | /* SoCFirmwareContentCertPK */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 81 | #define SOC_FW_CONTENT_CERT_PK_OID "1.3.6.1.4.1.4128.2100.501" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 82 | |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 83 | /* |
| 84 | * SoC Firmware Content Certificate |
| 85 | */ |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 86 | |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 87 | /* APRomPatchHash - BL1_PATCH */ |
| 88 | #define APROM_PATCH_HASH_OID "1.3.6.1.4.1.4128.2100.601" |
| 89 | /* SoCConfigHash */ |
| 90 | #define SOC_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.602" |
| 91 | /* SoCAPFirmwareHash - BL31 */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 92 | #define SOC_AP_FW_HASH_OID "1.3.6.1.4.1.4128.2100.603" |
Soby Mathew | 2bb78d3 | 2018-03-29 14:29:55 +0100 | [diff] [blame] | 93 | /* SoCFirmwareConfigHash = SOC_FW_CONFIG */ |
| 94 | #define SOC_FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.604" |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 95 | |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 96 | /* |
| 97 | * SCP Firmware Key Certificate |
| 98 | */ |
| 99 | |
| 100 | /* SCPFirmwareContentCertPK */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 101 | #define SCP_FW_CONTENT_CERT_PK_OID "1.3.6.1.4.1.4128.2100.701" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 102 | |
| 103 | |
| 104 | /* |
| 105 | * SCP Firmware Content Certificate |
| 106 | */ |
| 107 | |
Juan Castillo | a72b647 | 2015-12-10 15:49:17 +0000 | [diff] [blame] | 108 | /* SCPFirmwareHash - SCP_BL2 */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 109 | #define SCP_FW_HASH_OID "1.3.6.1.4.1.4128.2100.801" |
Juan Castillo | a72b647 | 2015-12-10 15:49:17 +0000 | [diff] [blame] | 110 | /* SCPRomPatchHash - SCP_BL1_PATCH */ |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 111 | #define SCP_ROM_PATCH_HASH_OID "1.3.6.1.4.1.4128.2100.802" |
| 112 | |
| 113 | |
| 114 | /* |
| 115 | * Trusted OS Firmware Key Certificate |
| 116 | */ |
| 117 | |
| 118 | /* TrustedOSFirmwareContentCertPK */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 119 | #define TRUSTED_OS_FW_CONTENT_CERT_PK_OID "1.3.6.1.4.1.4128.2100.901" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 120 | |
| 121 | |
| 122 | /* |
| 123 | * Trusted OS Firmware Content Certificate |
| 124 | */ |
| 125 | |
| 126 | /* TrustedOSFirmwareHash - BL32 */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 127 | #define TRUSTED_OS_FW_HASH_OID "1.3.6.1.4.1.4128.2100.1001" |
Summer Qin | 8072678 | 2017-04-20 16:28:39 +0100 | [diff] [blame] | 128 | /* TrustedOSExtra1FirmwareHash - BL32 Extra1 */ |
| 129 | #define TRUSTED_OS_FW_EXTRA1_HASH_OID "1.3.6.1.4.1.4128.2100.1002" |
| 130 | /* TrustedOSExtra2FirmwareHash - BL32 Extra2 */ |
| 131 | #define TRUSTED_OS_FW_EXTRA2_HASH_OID "1.3.6.1.4.1.4128.2100.1003" |
Soby Mathew | 2bb78d3 | 2018-03-29 14:29:55 +0100 | [diff] [blame] | 132 | /* TrustedOSFirmwareConfigHash - TOS_FW_CONFIG */ |
| 133 | #define TRUSTED_OS_FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.1004" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 134 | |
| 135 | |
| 136 | /* |
| 137 | * Non-Trusted Firmware Key Certificate |
| 138 | */ |
| 139 | |
| 140 | /* NonTrustedFirmwareContentCertPK */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 141 | #define NON_TRUSTED_FW_CONTENT_CERT_PK_OID "1.3.6.1.4.1.4128.2100.1101" |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 142 | |
| 143 | |
| 144 | /* |
| 145 | * Non-Trusted Firmware Content Certificate |
| 146 | */ |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 147 | |
Juan Castillo | 740bc52 | 2015-12-02 09:48:34 +0000 | [diff] [blame] | 148 | /* NonTrustedWorldBootloaderHash - BL33 */ |
Juan Castillo | be80120 | 2015-12-03 10:19:21 +0000 | [diff] [blame] | 149 | #define NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID "1.3.6.1.4.1.4128.2100.1201" |
Soby Mathew | 2bb78d3 | 2018-03-29 14:29:55 +0100 | [diff] [blame] | 150 | /* NonTrustedFirmwareConfigHash - NT_FW_CONFIG */ |
| 151 | #define NON_TRUSTED_FW_CONFIG_HASH_OID "1.3.6.1.4.1.4128.2100.1202" |
Dan Handley | 9df4804 | 2015-03-19 18:58:55 +0000 | [diff] [blame] | 152 | |
Manish Pandey | c70b4b4 | 2020-06-10 15:50:36 +0100 | [diff] [blame] | 153 | /* |
| 154 | * Secure Partitions Content Certificate |
| 155 | */ |
| 156 | #define SP_PKG1_HASH_OID "1.3.6.1.4.1.4128.2100.1301" |
| 157 | #define SP_PKG2_HASH_OID "1.3.6.1.4.1.4128.2100.1302" |
| 158 | #define SP_PKG3_HASH_OID "1.3.6.1.4.1.4128.2100.1303" |
| 159 | #define SP_PKG4_HASH_OID "1.3.6.1.4.1.4128.2100.1304" |
| 160 | #define SP_PKG5_HASH_OID "1.3.6.1.4.1.4128.2100.1305" |
| 161 | #define SP_PKG6_HASH_OID "1.3.6.1.4.1.4128.2100.1306" |
| 162 | #define SP_PKG7_HASH_OID "1.3.6.1.4.1.4128.2100.1307" |
| 163 | #define SP_PKG8_HASH_OID "1.3.6.1.4.1.4128.2100.1308" |
| 164 | |
Manish V Badarkhe | 6dcbfa1 | 2023-07-19 10:39:08 +0100 | [diff] [blame] | 165 | /* |
| 166 | * Public Keys present in SOC FW content certificates authenticate BL31 and |
| 167 | * its configuration. |
| 168 | */ |
| 169 | #define BL31_IMAGE_KEY_OID SOC_FW_CONTENT_CERT_PK_OID |
| 170 | #define SOC_FW_CONFIG_KEY_OID SOC_FW_CONTENT_CERT_PK_OID |
| 171 | #define HW_CONFIG_KEY_OID ZERO_OID |
| 172 | |
Tamas Ban | 322e183 | 2024-01-24 13:20:52 +0100 | [diff] [blame] | 173 | #define SCP_BL2_IMAGE_KEY_OID SCP_FW_CONTENT_CERT_PK_OID |
| 174 | #define BL32_IMAGE_KEY_OID TRUSTED_OS_FW_CONTENT_CERT_PK_OID |
| 175 | #define TOS_FW_CONFIG_KEY_OID TRUSTED_OS_FW_CONTENT_CERT_PK_OID |
| 176 | #define BL33_IMAGE_KEY_OID NON_TRUSTED_FW_CONTENT_CERT_PK_OID |
| 177 | #define NT_FW_CONFIG_KEY_OID NON_TRUSTED_FW_CONTENT_CERT_PK_OID |
| 178 | |
Pankaj Gupta | dd906e6 | 2020-12-09 14:02:38 +0530 | [diff] [blame] | 179 | #ifdef PLAT_DEF_OID |
| 180 | #include <platform_oid.h> |
| 181 | #endif |
Antonio Nino Diaz | 5eb8837 | 2018-11-08 10:20:19 +0000 | [diff] [blame] | 182 | #endif /* TBBR_OID_H */ |