1 /*
2  * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  */
6 
7 #ifndef EXT_H
8 #define EXT_H
9 
10 #include <openssl/x509v3.h>
11 #include "key.h"
12 
/*
 * Extension types supported. The value is stored in the 'type' member of
 * ext_t and decides which member of the ext_t.attr union is meaningful
 * (see the struct definition below).
 */
enum ext_type_e {
	EXT_TYPE_NVCOUNTER,	/* Non-volatile counter; presumably uses attr.nvctr_type */
	EXT_TYPE_PKEY,		/* Public key; presumably uses attr.key */
	EXT_TYPE_HASH		/* Hash value; no attr member applies */
};
19 
/*
 * NV-Counter types. Stored in ext_t.attr.nvctr_type to tell the counter
 * extensions apart (see ext_t below).
 */
enum nvctr_type_e {
	NVCTR_TYPE_TFW,		/* Trusted firmware counter */
	NVCTR_TYPE_NTFW,	/* Non-trusted firmware counter */
	NVCTR_TYPE_CCAFW	/* CCA firmware counter */
};
26 
27 /*
28  * This structure contains the relevant information to create the extensions
29  * to be included in the certificates. This extensions will be used to
30  * establish the chain of trust.
31  */
32 typedef struct ext_s {
33 	const char *oid;	/* OID of the extension */
34 	const char *sn;		/* Short name */
35 	const char *ln;		/* Long description */
36 	const char *opt;	/* Command line option to specify data */
37 	const char *help_msg;	/* Help message */
38 	const char *arg;	/* Argument passed from command line */
39 	int asn1_type;		/* OpenSSL ASN1 type of the extension data.
40 				 * Supported types are:
41 				 *   - V_ASN1_INTEGER
42 				 *   - V_ASN1_OCTET_STRING
43 				 */
44 	int type;		/* See ext_type_e */
45 
46 	/* Extension attributes (depends on extension type) */
47 	union {
48 		int nvctr_type;	/* See nvctr_type_e */
49 		int key;	/* Index into array of registered public keys */
50 	} attr;
51 
52 	int alias;		/* In case OpenSSL provides an standard
53 				 * extension of the same type, add the new
54 				 * extension as an alias of this one
55 				 */
56 
57 	X509V3_EXT_METHOD method; /* This field may be used to define a custom
58 				   * function to print the contents of the
59 				   * extension */
60 
61 	int optional;	/* This field may be used optionally to exclude an image */
62 } ext_t;
63 
/*
 * Criticality flag for an extension, presumably passed as the 'crit'
 * argument of the ext_new_*() constructors declared below.
 * EXT_CRIT evaluates to 1 (logical negation of 0).
 */
enum {
	EXT_NON_CRIT = 0,
	EXT_CRIT = !EXT_NON_CRIT,
};
68 
/*
 * Exported API
 *
 * Return-value conventions, error reporting and ownership of the returned
 * X509_EXTENSION objects are not visible from this header; see ext.c.
 */

/* Initialise the extension subsystem. Returns an int status code. */
int ext_init(void);

/*
 * Look up a registered extension by its command line option string
 * (presumably matched against ext_t.opt). Presumably returns NULL when no
 * extension matches - callers should check for it.
 */
ext_t *ext_get_by_opt(const char *opt);

/*
 * Create an X509_EXTENSION identified by 'nid' carrying hash data.
 * 'crit' is the criticality flag (EXT_CRIT / EXT_NON_CRIT), 'md' the digest
 * algorithm, and 'buf'/'len' a buffer of 'len' bytes. Whether 'buf' holds
 * the data to be hashed or an already computed digest is not visible here.
 */
X509_EXTENSION *ext_new_hash(int nid, int crit, const EVP_MD *md,
		unsigned char *buf, size_t len);

/*
 * Create an X509_EXTENSION identified by 'nid' carrying the integer
 * counter 'value'. 'crit' as for ext_new_hash().
 */
X509_EXTENSION *ext_new_nvcounter(int nid, int crit, int value);

/*
 * Create an X509_EXTENSION identified by 'nid' carrying the public key 'k'.
 * 'crit' as for ext_new_hash(). Ownership of 'k' is not transferred as far
 * as this header shows - confirm in ext.c.
 */
X509_EXTENSION *ext_new_key(int nid, int crit, EVP_PKEY *k);

/* Release resources acquired by ext_init(). */
void ext_cleanup(void);
77 
/*
 * Macro to register the extensions used in the CoT.
 *
 * Defines 'def_extensions' (pointer to the first element of _ext) and
 * 'num_def_extensions' (element count), i.e. the objects declared extern
 * further below, so expand it once, at file scope, in exactly one
 * translation unit. The count is derived with sizeof(_ext)/sizeof(_ext[0]),
 * which is only correct when _ext is an actual array; for a pointer the
 * result is meaningless and consumers could walk past the real table.
 */
#define REGISTER_EXTENSIONS(_ext) \
	ext_t *def_extensions = &_ext[0]; \
	const unsigned int num_def_extensions = sizeof(_ext)/sizeof(_ext[0])
82 
/*
 * Macro to register the platform defined extensions used in the CoT.
 *
 * Defines 'pdef_extensions' and 'num_pdef_extensions' (declared extern
 * below); same usage rules as REGISTER_EXTENSIONS(): expand once at file
 * scope, and pass a real array, never a pointer, or the sizeof-based
 * element count is wrong.
 */
#define PLAT_REGISTER_EXTENSIONS(_pdef_ext) \
	ext_t *pdef_extensions = &_pdef_ext[0]; \
	const unsigned int num_pdef_extensions = sizeof(_pdef_ext)/sizeof(_pdef_ext[0])
87 
/* Exported variables */

/* Table defined by REGISTER_EXTENSIONS() and its element count */
extern ext_t *def_extensions;
extern const unsigned int num_def_extensions;

/* Table defined by PLAT_REGISTER_EXTENSIONS() and its element count */
extern ext_t *pdef_extensions;
extern const unsigned int num_pdef_extensions;

/*
 * Combined extension table and its size. Unlike the counts above, these
 * are not const; presumably they are populated at run time by ext_init()
 * from the two registered tables - confirm in ext.c.
 */
extern ext_t *extensions;
extern unsigned int num_extensions;
96 #endif /* EXT_H */
97