diff options
| author | Juan Castillo <juan.castillo@arm.com> | 2014-11-04 17:36:40 +0000 |
|---|---|---|
| committer | Dan Handley <dan.handley@arm.com> | 2015-01-28 18:26:59 +0000 |
| commit | b7124ea7f6fe1e1e73a0975cfb0fa34cabd73b2a (patch) | |
| tree | d1880c2a689f4284c79fafb856be54395075f323 /tools | |
| parent | 6f97162237603eb6e5c497e5ba903512bdd428a9 (diff) | |
TBB: add support to include certificates in a FIP image
This patch extends the FIP tool to include the certificates
generated by the 'cert_create' tool.
If GENERATE_COT build option is enabled, the Makefile adds the
certificates as dependencies to create the FIP file. Thus, make
target 'fip' will also build the certificates as part of the
Trusted Firmware build process.
Change-Id: I5eee500da7f7be6cfb6e3df0423599739d260074
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/fip_create/fip_create.c | 24 | ||||
| -rw-r--r-- | tools/fip_create/fip_create.h | 2 |
2 files changed, 25 insertions, 1 deletions
diff --git a/tools/fip_create/fip_create.c b/tools/fip_create/fip_create.c index c940c5b0..c6869f95 100644 --- a/tools/fip_create/fip_create.c +++ b/tools/fip_create/fip_create.c @@ -65,6 +65,30 @@ static entry_lookup_list_t toc_entry_lookup_list[] = { "bl32", NULL, FLAG_FILENAME}, { "Non-Trusted Firmware BL3-3", UUID_NON_TRUSTED_FIRMWARE_BL33, "bl33", NULL, FLAG_FILENAME}, + /* Key Certificates */ + { "Root Of Trust key certificate", UUID_ROT_KEY_CERT, + "rot-cert", NULL, FLAG_FILENAME }, + { "Trusted key certificate", UUID_TRUSTED_KEY_CERT, + "trusted-key-cert", NULL, FLAG_FILENAME}, + { "SCP Firmware BL3-0 key certificate", UUID_SCP_FIRMWARE_BL30_KEY_CERT, + "bl30-key-cert", NULL, FLAG_FILENAME}, + { "EL3 Runtime Firmware BL3-1 key certificate", UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT, + "bl31-key-cert", NULL, FLAG_FILENAME}, + { "Secure Payload BL3-2 (Trusted OS) key certificate", UUID_SECURE_PAYLOAD_BL32_KEY_CERT, + "bl32-key-cert", NULL, FLAG_FILENAME}, + { "Non-Trusted Firmware BL3-3 key certificate", UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT, + "bl33-key-cert", NULL, FLAG_FILENAME}, + /* Content certificates */ + { "Trusted Boot Firmware BL2 certificate", UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT, + "bl2-cert", NULL, FLAG_FILENAME }, + { "SCP Firmware BL3-0 certificate", UUID_SCP_FIRMWARE_BL30_CERT, + "bl30-cert", NULL, FLAG_FILENAME}, + { "EL3 Runtime Firmware BL3-1 certificate", UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT, + "bl31-cert", NULL, FLAG_FILENAME}, + { "Secure Payload BL3-2 (Trusted OS) certificate", UUID_SECURE_PAYLOAD_BL32_CERT, + "bl32-cert", NULL, FLAG_FILENAME}, + { "Non-Trusted Firmware BL3-3 certificate", UUID_NON_TRUSTED_FIRMWARE_BL33_CERT, + "bl33-cert", NULL, FLAG_FILENAME}, { NULL, {0}, 0 } }; diff --git a/tools/fip_create/fip_create.h b/tools/fip_create/fip_create.h index ef321cd3..32583352 100644 --- a/tools/fip_create/fip_create.h +++ b/tools/fip_create/fip_create.h @@ -34,7 +34,7 @@ #include <stdint.h> #include <uuid.h> -#define MAX_FILES 10 +#define MAX_FILES 20 /* TODO: Update this number as required */ #define TOC_HEADER_SERIAL_NUMBER 0x12345678 |