mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-08-13 16:07:04 +02:00
243875eaf9
fw_config image is authenticated using secure boot framework by
adding it into the single root and dual root chain of trust.
The COT for fw_config image looks as below:
+------------------+ +-------------------+
| ROTPK/ROTPK Hash |------>| Trusted Boot fw |
+------------------+ | Certificate |
| (Auth Image) |
/+-------------------+
/ |
/ |
/ |
/ |
L v
+------------------+ +-------------------+
| fw_config hash |------>| fw_config |
| | | (Data Image) |
+------------------+ +-------------------+
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I08fc8ee95c29a95bb140c807dd06e772474c7367
30 lines
840 B
C
30 lines
840 B
C
/*
|
|
* Copyright (c) 2020, ARM Limited and Contributors. All rights reserved.
|
|
*
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
*/
|
|
|
|
#ifndef TBBR_COT_COMMON_H
|
|
#define TBBR_COT_COMMON_H
|
|
|
|
#include <drivers/auth/auth_mod.h>
|
|
|
|
extern unsigned char tb_fw_hash_buf[HASH_DER_LEN];
|
|
extern unsigned char scp_fw_hash_buf[HASH_DER_LEN];
|
|
extern unsigned char nt_world_bl_hash_buf[HASH_DER_LEN];
|
|
|
|
extern auth_param_type_desc_t trusted_nv_ctr;
|
|
extern auth_param_type_desc_t subject_pk;
|
|
extern auth_param_type_desc_t sig;
|
|
extern auth_param_type_desc_t sig_alg;
|
|
extern auth_param_type_desc_t raw_data;
|
|
|
|
extern auth_param_type_desc_t tb_fw_hash;
|
|
extern auth_param_type_desc_t tb_fw_config_hash;
|
|
extern auth_param_type_desc_t fw_config_hash;
|
|
|
|
extern const auth_img_desc_t trusted_boot_fw_cert;
|
|
extern const auth_img_desc_t hw_config;
|
|
|
|
#endif /* TBBR_COT_COMMON_H */
|