TBB: add platform API to read the ROTPK information

Fork: 0

LuminaSensum / arm-trusted-firmware

Browse code TBB: add platform API to read the ROTPK information This patch extends the platform port by adding an API that returns either the Root of Trust public key (ROTPK) or its hash. This is usually stored in ROM or eFUSE memory. The ROTPK returned must be encoded in DER format according to the following ASN.1 structure: SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING } In case the platform returns a hash of the key: DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier, keyDigest OCTET STRING } An implementation for ARM development platforms is provided in this patch. When TBB is enabled, the ROTPK hash location must be specified using the build option 'ARM_ROTPK_LOCATION'. Available options are: - 'regs' : return the ROTPK hash stored in the Trusted root-key storage registers. - 'devel_rsa' : return a ROTPK hash embedded in the BL1 and BL2 binaries. This hash has been obtained from the development RSA public key located in 'plat/arm/board/common/rotpk'. On FVP, the number of MMU tables has been increased to map and access the ROTPK registers. A new file 'board_common.mk' has been added to improve code sharing in the ARM develelopment platforms. Change-Id: Ib25862e5507d1438da10773e62bd338da8f360bf WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6 v1.5-rc3 v1.5-rc2 v1.5-rc1 v1.5-rc0 v1.5 v1.4-rc0 v1.4 v1.3_rc2 v1.3_rc1 v1.3-rc0 v1.3 v1.2-rc0 v1.2
1 parent 16948ae commit 95cfd4ad84633502938a8bccc2b0290dfbcac2f7 Juan Castillo authored on 14 Apr 2015

Browse code

This patch extends the platform port by adding an API that returns
either the Root of Trust public key (ROTPK) or its hash. This is
usually stored in ROM or eFUSE memory. The ROTPK returned must be
encoded in DER format according to the following ASN.1 structure:

    SubjectPublicKeyInfo  ::=  SEQUENCE  {
        algorithm           AlgorithmIdentifier,
        subjectPublicKey    BIT STRING
    }

In case the platform returns a hash of the key:

    DigestInfo  ::= SEQUENCE {
        digestAlgorithm     AlgorithmIdentifier,
        keyDigest           OCTET STRING
    }

An implementation for ARM development platforms is provided in this
patch. When TBB is enabled, the ROTPK hash location must be specified
using the build option 'ARM_ROTPK_LOCATION'. Available options are:

    - 'regs' : return the ROTPK hash stored in the Trusted
      root-key storage registers.

    - 'devel_rsa' : return a ROTPK hash embedded in the BL1 and
      BL2 binaries. This hash has been obtained from the development
      RSA public key located in 'plat/arm/board/common/rotpk'.

On FVP, the number of MMU tables has been increased to map and
access the ROTPK registers.

A new file 'board_common.mk' has been added to improve code sharing
in the ARM develelopment platforms.

Change-Id: Ib25862e5507d1438da10773e62bd338da8f360bf

WIP_v2.3-LS master v2.2-LS v2.4-LS v2.3-rc2 v2.3-rc1 v2.3-rc0 v2.3 v2.2-rc2 v2.2-rc1 v2.2-rc0 v2.2 v2.1-rc1 v2.1-rc0 v2.1 v2.0-rc0 v2.0 v1.6-rc1 v1.6-rc0 v1.6 v1.5-rc3 v1.5-rc2 v1.5-rc1 v1.5-rc0 v1.5 v1.4-rc0 v1.4 v1.3_rc2 v1.3_rc1 v1.3-rc0 v1.3 v1.2-rc0 v1.2

1 parent 16948ae commit 95cfd4ad84633502938a8bccc2b0290dfbcac2f7

Juan Castillo authored on 14 Apr 2015

Patch

Unified Split

Showing 14 changed files

Ignore Space Show notes View docs/porting-guide.md

Ignore Space Show notes View docs/user-guide.md

Ignore Space Show notes View include/plat/arm/board/common/board_arm_def.h

Ignore Space Show notes View include/plat/arm/soc/common/soc_css_def.h

Ignore Space Show notes View include/plat/common/platform.h

Ignore Space Show notes View plat/arm/board/common/board_arm_trusted_boot.c

Ignore Space Show notes View plat/arm/board/common/board_common.mk 0 → 100644

Ignore Space Show notes View plat/arm/board/common/board_css.mk

Ignore Space Show notes View plat/arm/board/common/rotpk/arm_rotpk_rsa.der 0 → 100644
Not supported

Ignore Space Show notes View plat/arm/board/common/rotpk/arm_rotpk_rsa_sha256.bin 0 → 100644

Ignore Space Show notes View plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem 0 → 100644

Ignore Space Show notes View plat/arm/board/fvp/aarch64/fvp_common.c

Ignore Space Show notes View plat/arm/board/fvp/fvp_def.h

Ignore Space Show notes View plat/arm/board/fvp/platform.mk

Show line notes below