1 /*
2  * Copyright (c) 2023, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #ifndef ETHOSN_CERT_H
8 #define ETHOSN_CERT_H
9 
10 #include "ethosn_oid.h"
11 #include <tbbr/tbb_ext.h>
12 #include <tbbr/tbb_key.h>
13 
14 /* Arm(R) Ethos(TM)-N NPU Certificates */
15 #define ETHOSN_NPU_FW_KEY_CERT_DEF {							\
16 	.id = ETHOSN_NPU_FW_KEY_CERT,							\
17 	.opt = "npu-fw-key-cert",							\
18 	.help_msg = "Arm(R) Ethos(TM)-N NPU Firmware Key Certificate (output file)",	\
19 	.fn = NULL,									\
20 	.cn = "NPU Firmware Key Certificate",						\
21 	.key = NON_TRUSTED_WORLD_KEY,							\
22 	.issuer = ETHOSN_NPU_FW_KEY_CERT,						\
23 	.ext = {									\
24 		NON_TRUSTED_FW_NVCOUNTER_EXT,						\
25 		ETHOSN_NPU_FW_CONTENT_CERT_PK_EXT,					\
26 	},										\
27 	.num_ext = 2 \
28 }
29 
30 #define ETHOSN_NPU_FW_CONTENT_CERT_DEF {							\
31 	.id = ETHOSN_NPU_FW_CONTENT_CERT,						\
32 	.opt = "npu-fw-cert",								\
33 	.help_msg = "Arm(R) Ethos(TM)-N NPU Firmware Content Certificate (output file)",\
34 	.fn = NULL,									\
35 	.cn = "NPU Firmware Content Certificate",					\
36 	.key = ETHOSN_NPU_FW_CONTENT_CERT_KEY,						\
37 	.issuer = ETHOSN_NPU_FW_CONTENT_CERT,						\
38 	.ext = {									\
39 		NON_TRUSTED_FW_NVCOUNTER_EXT,						\
40 		ETHOSN_NPU_FW_HASH_EXT,							\
41 	},										\
42 	.num_ext = 2 \
43 }
44 
45 /* NPU Extensions */
46 #define ETHOSN_NPU_FW_CONTENT_CERT_PK_EXT_DEF {						\
47 	.oid = ETHOSN_NPU_FW_CONTENT_CERT_PK_OID,					\
48 	.help_msg = "Arm(R) Ethos(TM)-N NPU Firmware content certificate public key",	\
49 	.sn = "NPUFirmwareContentCertPK",						\
50 	.ln = "NPU Firmware content cerificate public key",				\
51 	.asn1_type = V_ASN1_OCTET_STRING,						\
52 	.type = EXT_TYPE_PKEY,								\
53 	.attr.key = ETHOSN_NPU_FW_CONTENT_CERT_KEY \
54 }
55 
56 #define ETHOSN_NPU_FW_HASH_EXT_DEF {						\
57 	.oid = ETHOSN_NPU_FW_BINARY_OID,					\
58 	.opt = "npu-fw",							\
59 	.help_msg = "Arm(R) Ethos(TM)-N NPU Firmware image file (input file)",	\
60 	.sn = "NPUFirmwareHash",						\
61 	.ln = "NPU Firmware Hash (SHA256)",					\
62 	.asn1_type = V_ASN1_OCTET_STRING,					\
63 	.type = EXT_TYPE_HASH \
64 }
65 
66 /* NPU Keys */
67 #define ETHOSN_NPU_FW_CONTENT_CERT_KEY_DEF {							  \
68 	.id = ETHOSN_NPU_FW_CONTENT_CERT_KEY,							  \
69 	.opt = "npu-fw-key",									  \
70 	.help_msg = "Arm(R) Ethos(TM)-N NPU Firmware Content Certificate key (input/output file)",\
71 	.desc = "NPU Firmware Content Certificate key"						  \
72 }
73 
74 #endif  /* ETHOSN_CERT_H */
75