/*
 * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
6
7#include <stddef.h>
8
Govindraj Raja9c7dfb02023-01-11 18:34:58 +00009#include <mbedtls/version.h>
Manish V Badarkhe043fd622020-05-16 16:36:39 +010010
11#include <drivers/auth/auth_mod.h>
12#include <drivers/auth/tbbr_cot_common.h>
Govindraj Raja9c7dfb02023-01-11 18:34:58 +000013
Manish V Badarkhe043fd622020-05-16 16:36:39 +010014#if USE_TBBR_DEFS
15#include <tools_share/tbbr_oid.h>
16#else
17#include <platform_oid.h>
18#endif
19
Govindraj Raja9c7dfb02023-01-11 18:34:58 +000020#include <platform_def.h>
21
/*
 * Hash parameter descriptors for the firmware-update (FWU) images.
 *
 * Each one pairs the AUTH_PARAM_HASH parameter type with an OID. The OID macro
 * names do not mirror the variable names, so the mapping is spelled out here:
 *   scp_bl2u_hash -> SCP_FWU_CFG_HASH_OID
 *   bl2u_hash     -> AP_FWU_CFG_HASH_OID
 *   ns_bl2u_hash  -> FWU_HASH_OID
 * fwu_cert lists all three as authenticated data, and the SCP_BL2U, BL2U and
 * NS_BL2U image descriptors name them as the hash to check against.
 *
 * NOTE(review): presumably the OID selects the certificate extension that
 * carries the hash; AUTH_PARAM_TYPE_DESC is defined outside this file, so
 * confirm there.
 */
static auth_param_type_desc_t scp_bl2u_hash =
	AUTH_PARAM_TYPE_DESC(AUTH_PARAM_HASH, SCP_FWU_CFG_HASH_OID);
static auth_param_type_desc_t bl2u_hash =
	AUTH_PARAM_TYPE_DESC(AUTH_PARAM_HASH, AP_FWU_CFG_HASH_OID);
static auth_param_type_desc_t ns_bl2u_hash =
	AUTH_PARAM_TYPE_DESC(AUTH_PARAM_HASH, FWU_HASH_OID);
28
/*
 * BL2
 *
 * Raw image whose parent in the chain is trusted_boot_fw_cert. Its only
 * authentication method is a hash check of the raw image data against
 * tb_fw_hash. trusted_boot_fw_cert, raw_data and tb_fw_hash are declared
 * outside this file.
 */
static const auth_img_desc_t bl2_image = {
	.img_id = BL2_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_boot_fw_cert,
	/* Only slot [0] is set; the rest of the array is zero-initialised. */
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param = {
				.hash = {
					.data = &raw_data,
					.hash = &tb_fw_hash
				}
			}
		}
	}
};
43
/*
 * FWU auth descriptor.
 *
 * Certificate image with no parent (.parent = NULL), which makes it the
 * starting point of the FWU branch of this table. It is authenticated by a
 * signature check; the public key (subject_pk), signature, algorithm and
 * signed-data descriptors it names are all declared outside this file.
 *
 * NOTE(review): with no parent, this table supplies no previously
 * authenticated key to check the signature against, so trust has to be
 * anchored by the authentication module itself (presumably against the
 * platform root-of-trust public key). Confirm in the auth module.
 *
 * The certificate exposes three hashes as authenticated data, one per FWU
 * image (SCP_BL2U, BL2U, NS_BL2U). Each is bound to a buffer through
 * .ptr/.len.
 *
 * NOTE(review): .len is HASH_DER_LEN for every entry, while the buffers are
 * declared outside this file. Confirm each buffer is at least that large.
 */
static const auth_img_desc_t fwu_cert = {
	.img_id = FWU_CERT_ID,
	.img_type = IMG_CERT,
	.parent = NULL,
	/* Only slot [0] is set; the rest of the array is zero-initialised. */
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
		[0] = {
			.type = AUTH_METHOD_SIG,
			.param = {
				.sig = {
					.pk = &subject_pk,
					.sig = &sig,
					.alg = &sig_alg,
					.data = &raw_data
				}
			}
		}
	},
	.authenticated_data = (const auth_param_desc_t[COT_MAX_VERIFIED_PARAMS]) {
		/* Hash later used to authenticate SCP_BL2U. */
		[0] = {
			.type_desc = &scp_bl2u_hash,
			.data = {
				.ptr = (void *)scp_fw_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		},
		/*
		 * Hash later used to authenticate BL2U.
		 * NOTE(review): tb_fw_hash_buf is declared outside this file
		 * and its name suggests it may also hold the BL2 hash. Confirm
		 * that the two uses can never overlap in time.
		 */
		[1] = {
			.type_desc = &bl2u_hash,
			.data = {
				.ptr = (void *)tb_fw_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		},
		/* Hash later used to authenticate NS_BL2U. */
		[2] = {
			.type_desc = &ns_bl2u_hash,
			.data = {
				.ptr = (void *)nt_world_bl_hash_buf,
				.len = (unsigned int)HASH_DER_LEN
			}
		}
	}
};
/*
 * SCP_BL2U
 *
 * Raw image chained to fwu_cert. It is authenticated by hashing the raw image
 * data and checking the result against scp_bl2u_hash, one of the hashes that
 * fwu_cert lists as authenticated data.
 */
static const auth_img_desc_t scp_bl2u_image = {
	.img_id = SCP_BL2U_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &fwu_cert,
	/* Only slot [0] is set; the rest of the array is zero-initialised. */
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param = {
				.hash = {
					.data = &raw_data,
					.hash = &scp_bl2u_hash
				}
			}
		}
	}
};
/*
 * BL2U
 *
 * Raw image chained to fwu_cert. It is authenticated by hashing the raw image
 * data and checking the result against bl2u_hash, one of the hashes that
 * fwu_cert lists as authenticated data.
 */
static const auth_img_desc_t bl2u_image = {
	.img_id = BL2U_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &fwu_cert,
	/* Only slot [0] is set; the rest of the array is zero-initialised. */
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param = {
				.hash = {
					.data = &raw_data,
					.hash = &bl2u_hash
				}
			}
		}
	}
};
/*
 * NS_BL2U
 *
 * Raw image chained to fwu_cert. It is authenticated by hashing the raw image
 * data and checking the result against ns_bl2u_hash, one of the hashes that
 * fwu_cert lists as authenticated data.
 */
static const auth_img_desc_t ns_bl2u_image = {
	.img_id = NS_BL2U_IMAGE_ID,
	.img_type = IMG_RAW,
	.parent = &fwu_cert,
	/* Only slot [0] is set; the rest of the array is zero-initialised. */
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param = {
				.hash = {
					.data = &raw_data,
					.hash = &ns_bl2u_hash
				}
			}
		}
	}
};
/*
 * TB_FW_CONFIG
 *
 * Raw image chained to trusted_boot_fw_cert. It is authenticated by hashing
 * the raw image data and checking the result against tb_fw_config_hash.
 * trusted_boot_fw_cert, raw_data and tb_fw_config_hash are declared outside
 * this file.
 */
static const auth_img_desc_t tb_fw_config = {
	.img_id = TB_FW_CONFIG_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_boot_fw_cert,
	/* Only slot [0] is set; the rest of the array is zero-initialised. */
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param = {
				.hash = {
					.data = &raw_data,
					.hash = &tb_fw_config_hash
				}
			}
		}
	}
};
154
/*
 * FW_CONFIG
 *
 * Raw image chained to trusted_boot_fw_cert. It is authenticated by hashing
 * the raw image data and checking the result against fw_config_hash.
 * trusted_boot_fw_cert, raw_data and fw_config_hash are declared outside this
 * file.
 */
static const auth_img_desc_t fw_config = {
	.img_id = FW_CONFIG_ID,
	.img_type = IMG_RAW,
	.parent = &trusted_boot_fw_cert,
	/* Only slot [0] is set; the rest of the array is zero-initialised. */
	.img_auth_methods = (const auth_method_desc_t[AUTH_METHOD_NUM]) {
		[0] = {
			.type = AUTH_METHOD_HASH,
			.param = {
				.hash = {
					.data = &raw_data,
					.hash = &fw_config_hash
				}
			}
		}
	}
};
169
/*
 * TBBR Chain of trust definition
 *
 * Table of image descriptors indexed by image id. The array length follows
 * from the largest id used as a designator, and any id inside that range that
 * is not listed here is left as a NULL pointer by C initialisation rules.
 * trusted_boot_fw_cert and hw_config are declared outside this file.
 *
 * NOTE(review): the code that indexes this table lives outside this file. It
 * should bounds-check the image id and reject NULL slots before dereferencing
 * them - confirm. An image id without an entry here has no authentication
 * path described by this table.
 */
static const auth_img_desc_t * const cot_desc[] = {
	/* Branch rooted at trusted_boot_fw_cert. */
	[TRUSTED_BOOT_FW_CERT_ID]	= &trusted_boot_fw_cert,
	[BL2_IMAGE_ID]			= &bl2_image,
	[HW_CONFIG_ID]			= &hw_config,
	[TB_FW_CONFIG_ID]		= &tb_fw_config,
	[FW_CONFIG_ID]			= &fw_config,
	/* Firmware-update branch rooted at fwu_cert. */
	[FWU_CERT_ID]			= &fwu_cert,
	[SCP_BL2U_IMAGE_ID]		= &scp_bl2u_image,
	[BL2U_IMAGE_ID]			= &bl2u_image,
	[NS_BL2U_IMAGE_ID]		= &ns_bl2u_image,
};

/*
 * Register the CoT in the authentication module. REGISTER_COT is defined
 * outside this file.
 */
REGISTER_COT(cot_desc);