1 /* 2 * Copyright (c) 2020, Arm Limited. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #ifndef DUALROOT_COT_H 8 #define DUALROOT_COT_H 9 10 /* Certificates. */ 11 enum { 12 /* Certificates owned by the silicon provider. */ 13 TRUSTED_BOOT_FW_CERT, 14 TRUSTED_KEY_CERT, 15 SCP_FW_KEY_CERT, 16 SCP_FW_CONTENT_CERT, 17 SOC_FW_KEY_CERT, 18 SOC_FW_CONTENT_CERT, 19 TRUSTED_OS_FW_KEY_CERT, 20 TRUSTED_OS_FW_CONTENT_CERT, 21 SIP_SECURE_PARTITION_CONTENT_CERT, 22 FWU_CERT, 23 24 /* Certificates owned by the platform owner. */ 25 NON_TRUSTED_FW_CONTENT_CERT, 26 PLAT_SECURE_PARTITION_CONTENT_CERT, 27 }; 28 29 /* Certificate extensions. */ 30 enum { 31 /* Extensions used in certificates owned by the silicon provider. */ 32 TRUSTED_FW_NVCOUNTER_EXT, 33 TRUSTED_BOOT_FW_HASH_EXT, 34 TRUSTED_BOOT_FW_CONFIG_HASH_EXT, 35 HW_CONFIG_HASH_EXT, 36 FW_CONFIG_HASH_EXT, 37 TRUSTED_WORLD_PK_EXT, 38 SCP_FW_CONTENT_CERT_PK_EXT, 39 SCP_FW_HASH_EXT, 40 SOC_FW_CONTENT_CERT_PK_EXT, 41 SOC_AP_FW_HASH_EXT, 42 SOC_FW_CONFIG_HASH_EXT, 43 TRUSTED_OS_FW_CONTENT_CERT_PK_EXT, 44 TRUSTED_OS_FW_HASH_EXT, 45 TRUSTED_OS_FW_EXTRA1_HASH_EXT, 46 TRUSTED_OS_FW_EXTRA2_HASH_EXT, 47 TRUSTED_OS_FW_CONFIG_HASH_EXT, 48 SP_PKG1_HASH_EXT, 49 SP_PKG2_HASH_EXT, 50 SP_PKG3_HASH_EXT, 51 SP_PKG4_HASH_EXT, 52 SP_PKG5_HASH_EXT, 53 SP_PKG6_HASH_EXT, 54 SP_PKG7_HASH_EXT, 55 SP_PKG8_HASH_EXT, 56 SCP_FWU_CFG_HASH_EXT, 57 AP_FWU_CFG_HASH_EXT, 58 FWU_HASH_EXT, 59 60 /* Extensions used in certificates owned by the platform owner. */ 61 PROT_PK_EXT, 62 NON_TRUSTED_FW_NVCOUNTER_EXT, 63 NON_TRUSTED_FW_CONTENT_CERT_PK_EXT, 64 NON_TRUSTED_WORLD_BOOTLOADER_HASH_EXT, 65 NON_TRUSTED_FW_CONFIG_HASH_EXT, 66 }; 67 68 /* Keys. */ 69 enum { 70 /* Keys owned by the silicon provider. */ 71 ROT_KEY, 72 TRUSTED_WORLD_KEY, 73 SCP_FW_CONTENT_CERT_KEY, 74 SOC_FW_CONTENT_CERT_KEY, 75 TRUSTED_OS_FW_CONTENT_CERT_KEY, 76 77 /* Keys owned by the platform owner. */ 78 PROT_KEY, 79 }; 80 81 #endif /* DUALROOT_COT_H */ 82