• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (c) 2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #ifndef DUALROOT_COT_H
8 #define DUALROOT_COT_H
9 
10 /* Certificates. */
11 enum {
12 	/* Certificates owned by the silicon provider. */
13 	TRUSTED_BOOT_FW_CERT,
14 	TRUSTED_KEY_CERT,
15 	SCP_FW_KEY_CERT,
16 	SCP_FW_CONTENT_CERT,
17 	SOC_FW_KEY_CERT,
18 	SOC_FW_CONTENT_CERT,
19 	TRUSTED_OS_FW_KEY_CERT,
20 	TRUSTED_OS_FW_CONTENT_CERT,
21 	SIP_SECURE_PARTITION_CONTENT_CERT,
22 	FWU_CERT,
23 
24 	/* Certificates owned by the platform owner. */
25 	NON_TRUSTED_FW_CONTENT_CERT,
26 	PLAT_SECURE_PARTITION_CONTENT_CERT,
27 };
28 
29 /* Certificate extensions. */
30 enum {
31 	/* Extensions used in certificates owned by the silicon provider. */
32 	TRUSTED_FW_NVCOUNTER_EXT,
33 	TRUSTED_BOOT_FW_HASH_EXT,
34 	TRUSTED_BOOT_FW_CONFIG_HASH_EXT,
35 	HW_CONFIG_HASH_EXT,
36 	FW_CONFIG_HASH_EXT,
37 	TRUSTED_WORLD_PK_EXT,
38 	SCP_FW_CONTENT_CERT_PK_EXT,
39 	SCP_FW_HASH_EXT,
40 	SOC_FW_CONTENT_CERT_PK_EXT,
41 	SOC_AP_FW_HASH_EXT,
42 	SOC_FW_CONFIG_HASH_EXT,
43 	TRUSTED_OS_FW_CONTENT_CERT_PK_EXT,
44 	TRUSTED_OS_FW_HASH_EXT,
45 	TRUSTED_OS_FW_EXTRA1_HASH_EXT,
46 	TRUSTED_OS_FW_EXTRA2_HASH_EXT,
47 	TRUSTED_OS_FW_CONFIG_HASH_EXT,
48 	SP_PKG1_HASH_EXT,
49 	SP_PKG2_HASH_EXT,
50 	SP_PKG3_HASH_EXT,
51 	SP_PKG4_HASH_EXT,
52 	SP_PKG5_HASH_EXT,
53 	SP_PKG6_HASH_EXT,
54 	SP_PKG7_HASH_EXT,
55 	SP_PKG8_HASH_EXT,
56 	SCP_FWU_CFG_HASH_EXT,
57 	AP_FWU_CFG_HASH_EXT,
58 	FWU_HASH_EXT,
59 
60 	/* Extensions used in certificates owned by the platform owner. */
61 	PROT_PK_EXT,
62 	NON_TRUSTED_FW_NVCOUNTER_EXT,
63 	NON_TRUSTED_FW_CONTENT_CERT_PK_EXT,
64 	NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT,
65 	NON_TRUSTED_FW_CONFIG_HASH_EXT,
66 };
67 
68 /* Keys. */
69 enum {
70 	/* Keys owned by the silicon provider. */
71 	ROT_KEY,
72 	TRUSTED_WORLD_KEY,
73 	SCP_FW_CONTENT_CERT_KEY,
74 	SOC_FW_CONTENT_CERT_KEY,
75 	TRUSTED_OS_FW_CONTENT_CERT_KEY,
76 
77 	/* Keys owned by the platform owner. */
78 	PROT_KEY,
79 };
80 
81 #endif /* DUALROOT_COT_H */
82