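/*
 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#ifndef EXT_H
#define EXT_H

#include <openssl/x509v3.h>
#include "key.h"

/* Extension types supported (value stored in ext_t.type) */
enum ext_type_e {
	EXT_TYPE_NVCOUNTER,
	EXT_TYPE_PKEY,
	EXT_TYPE_HASH
};

/*
 * NV-Counter types (value stored in ext_t.attr.nvctr_type).
 * NOTE(review): TFW/NTFW presumably stand for the trusted and non-trusted
 * firmware counters -- confirm against the implementation.
 */
enum nvctr_type_e {
	NVCTR_TYPE_TFW,
	NVCTR_TYPE_NTFW
};

/*
 * This structure contains the relevant information to create the extensions
 * to be included in the certificates. These extensions will be used to
 * establish the chain of trust.
 *
 * The string members are 'const char *' and this header does not say who
 * owns them; the structure only stores the pointers.
 */
typedef struct ext_s {
	const char *oid;	/* OID of the extension */
	const char *sn;		/* Short name */
	const char *ln;		/* Long description */
	const char *opt;	/* Command line option to specify data */
	const char *help_msg;	/* Help message */
	const char *arg;	/* Argument passed from command line */
	int asn1_type;		/* OpenSSL ASN1 type of the extension data.
				 * Supported types are:
				 *   - V_ASN1_INTEGER
				 *   - V_ASN1_OCTET_STRING
				 */
	int type;		/* See ext_type_e */

	/*
	 * Extension attributes (depends on extension type). This is a union,
	 * so only the member selected by 'type' holds a meaningful value.
	 * NOTE(review): presumably nvctr_type pairs with EXT_TYPE_NVCOUNTER
	 * and key with EXT_TYPE_PKEY -- confirm in the implementation.
	 */
	union {
		int nvctr_type;	/* See nvctr_type_e */
		int key;	/* Index into array of registered public keys.
				 * NOTE(review): signed index with no bound
				 * visible in this header; confirm it is range
				 * checked before the key array is indexed.
				 */
	} attr;

	int alias;		/* In case OpenSSL provides a standard
				 * extension of the same type, add the new
				 * extension as an alias of this one
				 */

	X509V3_EXT_METHOD method; /* This field may be used to define a custom
				   * function to print the contents of the
				   * extension */

	int optional;		/* This field may be used optionally to exclude an image.
				 * NOTE(review): the wording mentions an image
				 * although the field belongs to an extension
				 * descriptor -- confirm the intended meaning.
				 */
} ext_t;

/*
 * Values for the 'crit' argument of the ext_new_*() constructors below.
 * In X.509 a verifier must reject a certificate that carries a critical
 * extension it does not recognise, so the choice affects how strictly the
 * extension is enforced by consumers of the certificate.
 */
enum {
	EXT_NON_CRIT = 0,
	EXT_CRIT = !EXT_NON_CRIT,
};

/*
 * Exported API
 *
 * The implementations are not part of this header, so the failure
 * convention of each function (presumably NULL for the pointer-returning
 * ones) and the ownership of the returned X509_EXTENSION objects should be
 * confirmed there before relying on them.
 */

/* Initialise the extension table (return-value convention not shown here). */
int ext_init(void);

/* Look up a registered extension by its command line option string. */
ext_t *ext_get_by_opt(const char *opt);

/*
 * Build a hash extension for 'nid' from the digest bytes in buf[0..len).
 * NOTE(review): confirm the implementation checks 'len' against the output
 * size of 'md' rather than trusting the caller.
 */
X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
		unsigned char *buf, size_t len);

/*
 * Build a non-volatile counter extension for 'nid' holding 'value'.
 * NOTE(review): 'value' is a signed int; confirm that negative counters are
 * rejected before they are encoded into a certificate.
 */
X509_EXTENSION *ext_new_nvcounter(int nid, int crit, int value);

/* Build a public key extension for 'nid' from the key 'k'. */
X509_EXTENSION *ext_new_key(int nid, int crit, EVP_PKEY *k);

/*
 * Macro to register the extensions used in the CoT.
 *
 * Defines the 'extensions' and 'num_extensions' objects declared extern
 * below; the caller supplies the trailing semicolon.
 *
 * '_ext' must name a real array of ext_t, not a pointer: the element count
 * is computed with sizeof, which on a pointer silently yields a wrong
 * value, and any code using num_extensions as a loop bound over
 * 'extensions' would then read the wrong number of entries. The argument
 * is parenthesised so that an expression argument still expands correctly.
 */
#define REGISTER_EXTENSIONS(_ext) \
	ext_t *extensions = &(_ext)[0]; \
	const unsigned int num_extensions = sizeof(_ext) / sizeof((_ext)[0])

/* Exported variables (defined by REGISTER_EXTENSIONS) */
extern ext_t *extensions;
extern const unsigned int num_extensions;

#endif /* EXT_H */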