/*
 * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

/*
 * Descriptors and constructors for the custom X.509 extensions that carry
 * chain-of-trust (CoT) data: NV counters, public keys and image hashes.
 * Each ext_t below describes one extension; the ext_new_*() helpers build the
 * OpenSSL X509_EXTENSION objects that are added to the certificates.
 */

#ifndef EXT_H
#define EXT_H

#include <openssl/x509v3.h>
#include "key.h"

/*
 * Extension types supported. The value is stored in ext_t::type and selects
 * which member of ext_t::attr is meaningful.
 */
enum ext_type_e {
	EXT_TYPE_NVCOUNTER,	/* Non-volatile (anti-rollback) counter value */
	EXT_TYPE_PKEY,		/* Public key, see ext_t::attr.key */
	EXT_TYPE_HASH		/* Hash of an image */
};

/*
 * NV-Counter types. Stored in ext_t::attr.nvctr_type for extensions of type
 * EXT_TYPE_NVCOUNTER.
 * NOTE(review): the names suggest trusted-firmware and non-trusted-firmware
 * counters respectively - confirm against the code that consumes them.
 */
enum nvctr_type_e {
	NVCTR_TYPE_TFW,
	NVCTR_TYPE_NTFW
};

/*
 * This structure contains the relevant information to create the extensions
 * to be included in the certificates. These extensions will be used to
 * establish the chain of trust.
 *
 * Instances are normally declared in a static table and registered with
 * REGISTER_EXTENSIONS() / PLAT_REGISTER_EXTENSIONS() below.
 */
typedef struct ext_s {
	const char *oid;	/* OID of the extension (dotted-decimal string) */
	const char *sn;		/* Short name */
	const char *ln;		/* Long description */
	const char *opt;	/* Command line option to specify data; key used
				 * by ext_get_by_opt() */
	const char *help_msg;	/* Help message */
	const char *arg;	/* Argument passed from command line */
	int asn1_type;		/* OpenSSL ASN1 type of the extension data.
				 * Supported types are:
				 *   - V_ASN1_INTEGER
				 *   - V_ASN1_OCTET_STRING
				 */
	int type;		/* See ext_type_e */

	/* Extension attributes (depends on extension type) */
	union {
		int nvctr_type;	/* See nvctr_type_e (EXT_TYPE_NVCOUNTER) */
		int key;	/* Index into array of registered public keys
				 * (EXT_TYPE_PKEY) */
	} attr;

	int alias;		/* In case OpenSSL provides a standard
				 * extension of the same type, add the new
				 * extension as an alias of this one
				 */

	X509V3_EXT_METHOD method; /* This field may be used to define a custom
				   * function to print the contents of the
				   * extension */

	int optional;		/* This field may be used optionally to exclude an
				 * image.
				 * NOTE(review): presumably non-zero means the
				 * extension (and the image it describes) may be
				 * absent without error - confirm against the
				 * code that reads this field. */
} ext_t;

/*
 * Values for the 'crit' argument of the ext_new_*() constructors.
 * EXT_CRIT evaluates to 1. A critical extension must be understood by the
 * verifier or the certificate is rejected (RFC 5280 section 4.2).
 */
enum {
	EXT_NON_CRIT = 0,
	EXT_CRIT = !EXT_NON_CRIT,
};

/* Exported API */

/*
 * Initialise the extension module.
 * Return value convention is not visible here - presumably 0 on success and
 * non-zero on failure; confirm against the definition.
 */
int ext_init(void);

/*
 * Look up a registered extension by its command line option string
 * (ext_t::opt). Presumably returns NULL when no extension matches - confirm.
 */
ext_t *ext_get_by_opt(const char *opt);

/*
 * Build an X509_EXTENSION of 'nid' holding a hash computed with 'md'.
 * 'buf'/'len' give the data to hash; 'len' bounds every read of 'buf'.
 * Returns NULL on failure (OpenSSL convention - confirm against definition).
 */
X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
		unsigned char *buf, size_t len);

/*
 * Build an X509_EXTENSION of 'nid' holding the NV counter 'value'
 * (V_ASN1_INTEGER data).
 */
X509_EXTENSION *ext_new_nvcounter(int nid, int crit, int value);

/*
 * Build an X509_EXTENSION of 'nid' holding the public key 'k'.
 */
X509_EXTENSION *ext_new_key(int nid, int crit, EVP_PKEY *k);

/*
 * Macro to register the extensions used in the CoT.
 * Defines the globals declared extern below, so it must be expanded in
 * exactly one translation unit. '_ext' must be an actual array (not a
 * pointer) for the sizeof-based element count to be correct.
 */
#define REGISTER_EXTENSIONS(_ext) \
	ext_t *def_extensions = &_ext[0]; \
	const unsigned int num_def_extensions = sizeof(_ext)/sizeof(_ext[0])

/*
 * Macro to register the platform defined extensions used in the CoT.
 * Same constraints as REGISTER_EXTENSIONS(): one translation unit, and
 * '_pdef_ext' must be an array.
 */
#define PLAT_REGISTER_EXTENSIONS(_pdef_ext) \
	ext_t *pdef_extensions = &_pdef_ext[0]; \
	const unsigned int num_pdef_extensions = sizeof(_pdef_ext)/sizeof(_pdef_ext[0])

/* Exported variables */

/* Default extension table, defined via REGISTER_EXTENSIONS() */
extern ext_t *def_extensions;
extern const unsigned int num_def_extensions;
/* Platform extension table, defined via PLAT_REGISTER_EXTENSIONS() */
extern ext_t *pdef_extensions;
extern const unsigned int num_pdef_extensions;

/*
 * Combined extension table. Unlike the two above, the count is not const;
 * presumably both are populated at runtime (e.g. by ext_init()) from the
 * default and platform tables - confirm against the definition.
 */
extern ext_t *extensions;
extern unsigned int num_extensions;

#endif /* EXT_H */