git.openwrt.org Git - project/bcm63xx/atf.git/commit

author	Juan Castillo <juan.castillo@arm.com>
	Thu, 5 Mar 2015 14:30:00 +0000 (14:30 +0000)
committer	Juan Castillo <juan.castillo@arm.com>
	Thu, 25 Jun 2015 07:53:26 +0000 (08:53 +0100)
commit	c3da66b1bb3b0769bfb8a8fcdefed1b49cf373a4
tree	e8be11090da644e5fbbd1275b99d106648ac8abc	tree \| snapshot
parent	fd34e7ba7730b6538cfd18bddd877900c80e2a50	commit \| diff

TBB: use ASN.1 type DigestInfo to represent hashes

The cert_create tool calculates the hash of each BL image and includes
it as an ASN.1 OCTET STRING in the corresponding certificate extension.
Without additional information, the firmware running on the platform
has to know in advance the algorithm used to generate the hash.

This patch modifies the cert_create tool so the certificate extensions
that include an image hash are generated according to the following
ASN.1 structure:

    DigestInfo ::= SEQUENCE {
        digestAlgorithm  AlgorithmIdentifier,
        digest           OCTET STRING
    }

    AlgorithmIdentifier ::=  SEQUENCE  {
        algorithm        OBJECT IDENTIFIER,
        parameters       ANY DEFINED BY algorithm OPTIONAL
    }

The PolarSSL module has been updated to extract the image hash
from the certificate extension according to this structure.

Change-Id: I6d83430f12a8a0eea8447bec7c936e903f644c85

common/auth/polarssl/polarssl.c		diff \| blob \| history
tools/cert_create/include/ext.h		diff \| blob \| history
tools/cert_create/src/ext.c		diff \| blob \| history
tools/cert_create/src/main.c		diff \| blob \| history