1 /*
2  * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #ifndef EXT_H
8 #define EXT_H
9 
10 #include <openssl/x509v3.h>
11 #include "key.h"
12 
13 /* Extension types supported */
14 enum ext_type_e {
15 	EXT_TYPE_NVCOUNTER,
16 	EXT_TYPE_PKEY,
17 	EXT_TYPE_HASH
18 };
19 
20 /* NV-Counter types */
21 enum nvctr_type_e {
22 	NVCTR_TYPE_TFW,
23 	NVCTR_TYPE_NTFW
24 };
25 
26 /*
27  * This structure contains the relevant information to create the extensions
28  * to be included in the certificates. This extensions will be used to
29  * establish the chain of trust.
30  */
31 typedef struct ext_s {
32 	const char *oid;	/* OID of the extension */
33 	const char *sn;		/* Short name */
34 	const char *ln;		/* Long description */
35 	const char *opt;	/* Command line option to specify data */
36 	const char *help_msg;	/* Help message */
37 	const char *arg;	/* Argument passed from command line */
38 	int asn1_type;		/* OpenSSL ASN1 type of the extension data.
39 				 * Supported types are:
40 				 *   - V_ASN1_INTEGER
41 				 *   - V_ASN1_OCTET_STRING
42 				 */
43 	int type;		/* See ext_type_e */
44 
45 	/* Extension attributes (depends on extension type) */
46 	union {
47 		int nvctr_type;	/* See nvctr_type_e */
48 		int key;	/* Index into array of registered public keys */
49 	} attr;
50 
51 	int alias;		/* In case OpenSSL provides an standard
52 				 * extension of the same type, add the new
53 				 * extension as an alias of this one
54 				 */
55 
56 	X509V3_EXT_METHOD method; /* This field may be used to define a custom
57 				   * function to print the contents of the
58 				   * extension */
59 
60 	int optional;	/* This field may be used optionally to exclude an image */
61 } ext_t;
62 
63 enum {
64 	EXT_NON_CRIT = 0,
65 	EXT_CRIT = !EXT_NON_CRIT,
66 };
67 
68 /* Exported API */
69 int ext_init(void);
70 ext_t *ext_get_by_opt(const char *opt);
71 X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
72 		unsigned char *buf, size_t len);
73 X509_EXTENSION *ext_new_nvcounter(int nid, int crit, int value);
74 X509_EXTENSION *ext_new_key(int nid, int crit, EVP_PKEY *k);
75 
76 /* Macro to register the extensions used in the CoT */
77 #define REGISTER_EXTENSIONS(_ext) \
78 	ext_t *def_extensions = &_ext[0]; \
79 	const unsigned int num_def_extensions = sizeof(_ext)/sizeof(_ext[0])
80 
81 /* Macro to register the platform defined extensions used in the CoT */
82 #define PLAT_REGISTER_EXTENSIONS(_pdef_ext) \
83 	ext_t *pdef_extensions = &_pdef_ext[0]; \
84 	const unsigned int num_pdef_extensions = sizeof(_pdef_ext)/sizeof(_pdef_ext[0])
85 
86 /* Exported variables */
87 extern ext_t *def_extensions;
88 extern const unsigned int num_def_extensions;
89 extern ext_t *pdef_extensions;
90 extern const unsigned int num_pdef_extensions;
91 
92 extern ext_t *extensions;
93 extern unsigned int num_extensions;
94 #endif /* EXT_H */
95