Home Explore Help
Sign In
OWEALs
/
arm-trusted-firmware
mirror of https://github.com/ARM-software/arm-trusted-firmware
2
0
Fork 0
Files Issues 1 Wiki
Tree: a6e01be250
Branches Tags
arm-trusted-fir...
/
tools
/
cert_create
/
include
/
cert.h

cert.h 2.2 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. /*
    2. 

  2.  * Copyright (c) 2015-2022, ARM Limited and Contributors. All rights reserved.
    3. 

  3.  *
    4. 

  4.  * SPDX-License-Identifier: BSD-3-Clause
    5. 

  5.  */
    6. 

  6. 

  7. #ifndef CERT_H
    8. 

  8. #define CERT_H
    9. 

  9. 

  10. #include <openssl/ossl_typ.h>
    11. 

  11. #include <openssl/x509.h>
    12. 

  12. #include "ext.h"
    13. 

  13. #include "key.h"
    14. 

  14. 

  15. #define CERT_MAX_EXT			9
    16. 

  16. 

  17. /*
    18. 

  18.  * This structure contains information related to the generation of the
    19. 

  19.  * certificates. All these fields must be known and specified at build time
    20. 

  20.  * except for the file name, which is picked up from the command line at
    21. 

  21.  * run time.
    22. 

  22.  *
    23. 

  23.  * One instance of this structure must be created for each of the certificates
    24. 

  24.  * present in the chain of trust.
    25. 

  25.  *
    26. 

  26.  * If the issuer points to this same instance, the generated certificate will
    27. 

  27.  * be self-signed.
    28. 

  28.  */
    29. 

  29. typedef struct cert_s cert_t;
    30. 

  30. struct cert_s {
    31. 

  31. 	int id;			/* Unique identifier */
    32. 

  32. 

  33. 	const char *opt;	/* Command line option to pass filename */
    34. 

  34. 	const char *fn;		/* Filename to save the certificate */
    35. 

  35. 	const char *cn;		/* Subject CN (Company Name) */
    36. 

  36. 	const char *help_msg;	/* Help message */
    37. 

  37. 

  38. 	/* These fields must be defined statically */
    39. 

  39. 	int key;		/* Key to be signed */
    40. 

  40. 	int issuer;		/* Issuer certificate */
    41. 

  41. 	int ext[CERT_MAX_EXT];	/* Certificate extensions */
    42. 

  42. 	int num_ext;		/* Number of extensions in the certificate */
    43. 

  43. 

  44. 	X509 *x;		/* X509 certificate container */
    45. 

  45. };
    46. 

  46. 

  47. /* Exported API */
    48. 

  48. int cert_init(void);
    49. 

  49. cert_t *cert_get_by_opt(const char *opt);
    50. 

  50. int cert_add_ext(X509 *issuer, X509 *subject, int nid, char *value);
    51. 

  51. int cert_new(
    52. 

  52. 	int md_alg,
    53. 

  53. 	cert_t *cert,
    54. 

  54. 	int days,
    55. 

  55. 	int ca,
    56. 

  56. 	STACK_OF(X509_EXTENSION) * sk);
    57. 

  57. void cert_cleanup(void);
    58. 

  58. 

  59. /* Macro to register the certificates used in the CoT */
    60. 

  60. #define REGISTER_COT(_certs) \
    61. 

  61. 	cert_t *def_certs = &_certs[0]; \
    62. 

  62. 	const unsigned int num_def_certs = sizeof(_certs)/sizeof(_certs[0])
    63. 

  63. 

  64. /* Macro to register the platform defined certificates used in the CoT */
    65. 

  65. #define PLAT_REGISTER_COT(_pdef_certs) \
    66. 

  66. 	cert_t *pdef_certs = &_pdef_certs[0]; \
    67. 

  67. 	const unsigned int num_pdef_certs = sizeof(_pdef_certs)/sizeof(_pdef_certs[0])
    68. 

  68. 

  69. /* Exported variables */
    70. 

  70. extern cert_t *def_certs;
    71. 

  71. extern const unsigned int num_def_certs;
    72. 

  72. extern cert_t *pdef_certs;
    73. 

  73. extern const unsigned int num_pdef_certs;
    74. 

  74. 

  75. extern cert_t *certs;
    76. 

  76. extern unsigned int num_certs;
    77. 

  77. #endif /* CERT_H */
    78.