      1 /*
      2  * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
      3  *
      4  * SPDX-License-Identifier: BSD-3-Clause
      5  */
      6 
      7 #ifndef EXT_H_
      8 #define EXT_H_
      9 
     10 #include <openssl/x509v3.h>
     11 #include "key.h"
     12 
/*
 * Extension types supported.
 *
 * One of these values is stored in ext_t.type. The numbering is written out
 * explicitly; it is the same 0, 1, 2 sequence the compiler assigns by default.
 */
enum ext_type_e {
	EXT_TYPE_NVCOUNTER = 0,	/* NV-counter extension */
	EXT_TYPE_PKEY = 1,	/* Public-key extension */
	EXT_TYPE_HASH = 2	/* Hash extension */
};
     19 
/*
 * NV-Counter types.
 *
 * One of these values is stored in ext_t.attr.nvctr_type.
 * NOTE(review): TFW / NTFW presumably stand for trusted / non-trusted
 * firmware; confirm against the chain-of-trust definition that uses them.
 */
enum nvctr_type_e {
	NVCTR_TYPE_TFW = 0,
	NVCTR_TYPE_NTFW = 1
};
     25 
/*
 * This structure contains the relevant information to create the extensions
 * to be included in the certificates. These extensions will be used to
 * establish the chain of trust.
 *
 * Every string member is a borrowed `const char *`; nothing in this header
 * says who owns the pointed-to storage or how long it must stay valid.
 */
typedef struct ext_s {
	const char *oid;	/* OID of the extension */
	const char *sn;		/* Short name */
	const char *ln;		/* Long description */
	const char *opt;	/* Command line option to specify data */
	const char *help_msg;	/* Help message */
	const char *arg;	/* Argument passed from command line.
				 * NOTE(review): caller-supplied text; how it
				 * is parsed and validated is not visible in
				 * this header - confirm in the consumer.
				 */
	int asn1_type;		/* OpenSSL ASN1 type of the extension data.
				 * Supported types are:
				 *   - V_ASN1_INTEGER
				 *   - V_ASN1_OCTET_STRING
				 */
	int type;		/* See ext_type_e */

	/*
	 * Extension attributes (depends on extension type).
	 * Both members are ints sharing the same storage, so only the one
	 * that matches `type` carries a meaningful value.
	 */
	union {
		int nvctr_type;	/* See nvctr_type_e */
		int key;	/* Index into array of registered public keys.
				 * NOTE(review): a signed int with no bound
				 * stated here - confirm users range-check it
				 * against the registered key count before
				 * indexing.
				 */
	} attr;

	int alias;		/* In case OpenSSL provides a standard
				 * extension of the same type, add the new
				 * extension as an alias of this one
				 */

	X509V3_EXT_METHOD method; /* This field may be used to define a custom
				   * function to print the contents of the
				   * extension */

	int optional;	/* This field may be used optionally to exclude an image.
			 * NOTE(review): presumably non-zero lets the
			 * extension be left out of the certificate; because
			 * these extensions establish the chain of trust,
			 * confirm which images are allowed to be optional.
			 */
} ext_t;
     62 
/*
 * Criticality flag values for an extension.
 *
 * NOTE(review): presumably passed as the `crit` argument of the ext_new_*()
 * constructors declared in this header. In X.509 a verifier must reject a
 * certificate carrying a critical extension it does not recognise, so this
 * choice decides whether a parser unaware of the extension fails closed.
 */
enum {
	EXT_NON_CRIT = 0,
	EXT_CRIT = 1	/* same value as !EXT_NON_CRIT */
};
     67 
/*
 * Exported API
 *
 * NOTE(review): the definitions are not visible in this header. The notes
 * below are read off the signatures only; return-value conventions and
 * ownership of returned objects must be confirmed against the implementation.
 */

/* Takes no arguments and returns an int status; the success value is not
 * stated here - confirm before testing the result. */
int ext_init(void);

/* Returns a pointer to an extension descriptor for the given command-line
 * option string. Presumably NULL when nothing matches - callers should check
 * the result before dereferencing. */
ext_t *ext_get_by_opt(const char *opt);

/* Returns a new X509_EXTENSION for `nid` with criticality `crit`, given a
 * digest type `md` and a byte buffer `buf` of `len` bytes. `buf` is not
 * const-qualified, so the prototype alone does not promise the buffer is left
 * unmodified. Presumably NULL on failure - TODO confirm. */
X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
		unsigned char *buf, size_t len);

/* Returns a new X509_EXTENSION for `nid` with criticality `crit` carrying the
 * integer `value`. `value` is a signed int; whether negative values are
 * rejected is not visible here - confirm at the call site. */
X509_EXTENSION *ext_new_nvcounter(int nid, int crit, int value);

/* Returns a new X509_EXTENSION for `nid` with criticality `crit` built from
 * the key `k`. Whether `k` may be NULL is not stated - TODO confirm. */
X509_EXTENSION *ext_new_key(int nid, int crit, EVP_PKEY *k);
     75 
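/*
 * Macro to register the extensions used in the CoT.
 *
 * Expands to the definitions of the `extensions` and `num_extensions`
 * variables that this header declares extern; the caller supplies the
 * trailing semicolon.
 *
 * _ext must be an array object, not a pointer: the element count is derived
 * with sizeof, which on a pointer yields the pointer size and therefore a
 * wrong num_extensions for any code that walks the table. The argument is
 * parenthesised on every use so that an expression argument expands as
 * intended.
 */
#define REGISTER_EXTENSIONS(_ext) \
	ext_t *extensions = &(_ext)[0]; \
	const unsigned int num_extensions = sizeof(_ext) / sizeof((_ext)[0])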
     80 
/*
 * Exported variables.
 *
 * Both are defined by REGISTER_EXTENSIONS(): `extensions` points at the first
 * element of the registered table and `num_extensions` is its element count,
 * so valid indices are 0 .. num_extensions - 1.
 */
extern ext_t *extensions;
extern const unsigned int num_extensions;
     84 
     85 #endif /* EXT_H_ */