cert: move platform_oid.h to include/tools_share for all platforms
authorMasahiro Yamada <yamada.masahiro@socionext.com>
Mon, 22 May 2017 03:11:24 +0000 (12:11 +0900)
committerMasahiro Yamada <yamada.masahiro@socionext.com>
Tue, 23 May 2017 15:08:35 +0000 (00:08 +0900)
Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide any
value (at least technically).

For easier use of TBBR, this commit allows platforms to reuse the OIDs
obtained by ARM Ltd.  This will be useful for non-ARM vendors that
do not need their own extension fields in their certificate files.

The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h

Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
defining USE_TBBR_DEFS as 1.  USE_TBBR_DEFS is 0 by default to keep the
backward compatibility.

For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
14 files changed:
Makefile
docs/user-guide.md
drivers/auth/tbbr/tbbr_cot.c
include/plat/arm/board/common/board_arm_oid.h [deleted file]
include/tools_share/tbbr_oid.h [new file with mode: 0644]
make_helpers/defaults.mk
plat/arm/board/fvp/include/platform_oid.h
plat/arm/board/juno/include/platform_oid.h
plat/common/tbbr/plat_tbbr.c
tools/cert_create/Makefile
tools/cert_create/src/cert.c
tools/cert_create/src/key.c
tools/cert_create/src/main.c
tools/cert_create/src/tbbr/tbb_ext.c

index 83d6b7ea48b94f98ac878734ac18a2da28ecbf93..1f59af0df482ad0537817be888533248f9595953 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -445,6 +445,7 @@ $(eval $(call assert_boolean,SEPARATE_CODE_AND_RODATA))
 $(eval $(call assert_boolean,SPIN_ON_BL1_EXIT))
 $(eval $(call assert_boolean,TRUSTED_BOARD_BOOT))
 $(eval $(call assert_boolean,USE_COHERENT_MEM))
+$(eval $(call assert_boolean,USE_TBBR_DEFS))
 $(eval $(call assert_boolean,WARMBOOT_ENABLE_DCACHE_EARLY))
 
 $(eval $(call assert_numeric,ARM_ARCH_MAJOR))
@@ -483,6 +484,7 @@ $(eval $(call add_define,SPD_${SPD}))
 $(eval $(call add_define,SPIN_ON_BL1_EXIT))
 $(eval $(call add_define,TRUSTED_BOARD_BOOT))
 $(eval $(call add_define,USE_COHERENT_MEM))
+$(eval $(call add_define,USE_TBBR_DEFS))
 $(eval $(call add_define,WARMBOOT_ENABLE_DCACHE_EARLY))
 
 # Define the EL3_PAYLOAD_BASE flag only if it is provided.
@@ -606,7 +608,7 @@ certtool: ${CRTTOOL}
 
 .PHONY: ${CRTTOOL}
 ${CRTTOOL}:
-       ${Q}${MAKE} PLAT=${PLAT} --no-print-directory -C ${CRTTOOLPATH}
+       ${Q}${MAKE} PLAT=${PLAT} USE_TBBR_DEFS=${USE_TBBR_DEFS} --no-print-directory -C ${CRTTOOLPATH}
        @${ECHO_BLANK_LINE}
        @echo "Built $@ successfully"
        @${ECHO_BLANK_LINE}
index 9135d89bfe71adf72b48d29e0a39f7c2e5edc882..97d0f66b8e17db5bba367afa77fb35abf62f4fa8 100644 (file)
@@ -914,7 +914,11 @@ section), but it can also be built separately with the following command:
 
     make PLAT=<platform> [DEBUG=1] [V=1] certtool
 
-Specifying the platform is mandatory since the tool is platform specific.
+For platforms that do not require their own IDs in certificate files,
+the generic 'cert_create' tool can be built with the following command:
+
+    make USE_TBBR_DEFS=1 [DEBUG=1] [V=1] certtool
+
 `DEBUG=1` builds the tool in debug mode. `V=1` makes the build process more
 verbose. The following command should be used to obtain help about the tool:
 
index 8b6ca23b71f2c565c4f93999948d29a8fa9cb2a1..e88c7c26dc47a614c14b2ecab6f99bd1beb6896a 100644 (file)
@@ -1,12 +1,16 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
 
 #include <auth_mod.h>
 #include <platform_def.h>
+#if USE_TBBR_DEFS
+#include <tbbr_oid.h>
+#else
 #include <platform_oid.h>
+#endif
 #include <stddef.h>
 
 /*
diff --git a/include/plat/arm/board/common/board_arm_oid.h b/include/plat/arm/board/common/board_arm_oid.h
deleted file mode 100644 (file)
index fc6cd79..0000000
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef __BOARD_ARM_OID_H__
-#define __BOARD_ARM_OID_H__
-
-/*
- * The following is a list of OID values defined and reserved by ARM, which
- * are used to define the extension fields of the certificate structure, as
- * defined in the Trusted Board Boot Requirements (TBBR) specification,
- * ARM DEN0006C-1.
- *
- * Non-ARM platform owners that wish to align with the TBBR should define
- * constants with the same name in their own platform port(s), using their
- * own OIDs obtained from the ITU-T.
- */
-
-
-/* TrustedFirmwareNVCounter - Non-volatile counter extension */
-#define TRUSTED_FW_NVCOUNTER_OID               "1.3.6.1.4.1.4128.2100.1"
-/* NonTrustedFirmwareNVCounter - Non-volatile counter extension */
-#define NON_TRUSTED_FW_NVCOUNTER_OID           "1.3.6.1.4.1.4128.2100.2"
-
-
-/*
- * Non-Trusted Firmware Updater Certificate
- */
-
-/* APFirmwareUpdaterConfigHash - BL2U */
-#define AP_FWU_CFG_HASH_OID                    "1.3.6.1.4.1.4128.2100.101"
-/* SCPFirmwareUpdaterConfigHash - SCP_BL2U */
-#define SCP_FWU_CFG_HASH_OID                   "1.3.6.1.4.1.4128.2100.102"
-/* FirmwareUpdaterHash - NS_BL2U */
-#define FWU_HASH_OID                           "1.3.6.1.4.1.4128.2100.103"
-/* TrustedWatchdogRefreshTime */
-#define TRUSTED_WATCHDOG_TIME_OID              "1.3.6.1.4.1.4128.2100.104"
-
-
-/*
- * Trusted Boot Firmware Certificate
- */
-
-/* TrustedBootFirmwareHash - BL2 */
-#define TRUSTED_BOOT_FW_HASH_OID               "1.3.6.1.4.1.4128.2100.201"
-
-
-/*
- * Trusted Key Certificate
- */
-
-/* PrimaryDebugCertificatePK */
-#define PRIMARY_DEBUG_PK_OID                   "1.3.6.1.4.1.4128.2100.301"
-/* TrustedWorldPK */
-#define TRUSTED_WORLD_PK_OID                   "1.3.6.1.4.1.4128.2100.302"
-/* NonTrustedWorldPK */
-#define NON_TRUSTED_WORLD_PK_OID               "1.3.6.1.4.1.4128.2100.303"
-
-
-/*
- * Trusted Debug Certificate
- */
-
-/* DebugScenario */
-#define TRUSTED_DEBUG_SCENARIO_OID             "1.3.6.1.4.1.4128.2100.401"
-/* SoC Specific */
-#define TRUSTED_DEBUG_SOC_SPEC_OID             "1.3.6.1.4.1.4128.2100.402"
-/* SecondaryDebugCertPK */
-#define SECONDARY_DEBUG_PK_OID                 "1.3.6.1.4.1.4128.2100.403"
-
-
-/*
- * SoC Firmware Key Certificate
- */
-
-/* SoCFirmwareContentCertPK */
-#define SOC_FW_CONTENT_CERT_PK_OID             "1.3.6.1.4.1.4128.2100.501"
-
-
-/*
- * SoC Firmware Content Certificate
- */
-
-/* APRomPatchHash - BL1_PATCH */
-#define APROM_PATCH_HASH_OID                   "1.3.6.1.4.1.4128.2100.601"
-/* SoCConfigHash */
-#define SOC_CONFIG_HASH_OID                    "1.3.6.1.4.1.4128.2100.602"
-/* SoCAPFirmwareHash - BL31 */
-#define SOC_AP_FW_HASH_OID                     "1.3.6.1.4.1.4128.2100.603"
-
-
-/*
- * SCP Firmware Key Certificate
- */
-
-/* SCPFirmwareContentCertPK */
-#define SCP_FW_CONTENT_CERT_PK_OID             "1.3.6.1.4.1.4128.2100.701"
-
-
-/*
- * SCP Firmware Content Certificate
- */
-
-/* SCPFirmwareHash - SCP_BL2 */
-#define SCP_FW_HASH_OID                                "1.3.6.1.4.1.4128.2100.801"
-/* SCPRomPatchHash - SCP_BL1_PATCH */
-#define SCP_ROM_PATCH_HASH_OID                 "1.3.6.1.4.1.4128.2100.802"
-
-
-/*
- * Trusted OS Firmware Key Certificate
- */
-
-/* TrustedOSFirmwareContentCertPK */
-#define TRUSTED_OS_FW_CONTENT_CERT_PK_OID      "1.3.6.1.4.1.4128.2100.901"
-
-
-/*
- * Trusted OS Firmware Content Certificate
- */
-
-/* TrustedOSFirmwareHash - BL32 */
-#define TRUSTED_OS_FW_HASH_OID                 "1.3.6.1.4.1.4128.2100.1001"
-
-
-/*
- * Non-Trusted Firmware Key Certificate
- */
-
-/* NonTrustedFirmwareContentCertPK */
-#define NON_TRUSTED_FW_CONTENT_CERT_PK_OID     "1.3.6.1.4.1.4128.2100.1101"
-
-
-/*
- * Non-Trusted Firmware Content Certificate
- */
-
-/* NonTrustedWorldBootloaderHash - BL33 */
-#define NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID  "1.3.6.1.4.1.4128.2100.1201"
-
-#endif /* __BOARD_ARM_OID_H__ */
diff --git a/include/tools_share/tbbr_oid.h b/include/tools_share/tbbr_oid.h
new file mode 100644 (file)
index 0000000..7a34087
--- /dev/null
@@ -0,0 +1,139 @@
+/*
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef __TBBR_OID_H__
+#define __TBBR_OID_H__
+
+/*
+ * The following is a list of OID values defined and reserved by ARM, which
+ * are used to define the extension fields of the certificate structure, as
+ * defined in the Trusted Board Boot Requirements (TBBR) specification,
+ * ARM DEN0006C-1.
+ */
+
+
+/* TrustedFirmwareNVCounter - Non-volatile counter extension */
+#define TRUSTED_FW_NVCOUNTER_OID               "1.3.6.1.4.1.4128.2100.1"
+/* NonTrustedFirmwareNVCounter - Non-volatile counter extension */
+#define NON_TRUSTED_FW_NVCOUNTER_OID           "1.3.6.1.4.1.4128.2100.2"
+
+
+/*
+ * Non-Trusted Firmware Updater Certificate
+ */
+
+/* APFirmwareUpdaterConfigHash - BL2U */
+#define AP_FWU_CFG_HASH_OID                    "1.3.6.1.4.1.4128.2100.101"
+/* SCPFirmwareUpdaterConfigHash - SCP_BL2U */
+#define SCP_FWU_CFG_HASH_OID                   "1.3.6.1.4.1.4128.2100.102"
+/* FirmwareUpdaterHash - NS_BL2U */
+#define FWU_HASH_OID                           "1.3.6.1.4.1.4128.2100.103"
+/* TrustedWatchdogRefreshTime */
+#define TRUSTED_WATCHDOG_TIME_OID              "1.3.6.1.4.1.4128.2100.104"
+
+
+/*
+ * Trusted Boot Firmware Certificate
+ */
+
+/* TrustedBootFirmwareHash - BL2 */
+#define TRUSTED_BOOT_FW_HASH_OID               "1.3.6.1.4.1.4128.2100.201"
+
+
+/*
+ * Trusted Key Certificate
+ */
+
+/* PrimaryDebugCertificatePK */
+#define PRIMARY_DEBUG_PK_OID                   "1.3.6.1.4.1.4128.2100.301"
+/* TrustedWorldPK */
+#define TRUSTED_WORLD_PK_OID                   "1.3.6.1.4.1.4128.2100.302"
+/* NonTrustedWorldPK */
+#define NON_TRUSTED_WORLD_PK_OID               "1.3.6.1.4.1.4128.2100.303"
+
+
+/*
+ * Trusted Debug Certificate
+ */
+
+/* DebugScenario */
+#define TRUSTED_DEBUG_SCENARIO_OID             "1.3.6.1.4.1.4128.2100.401"
+/* SoC Specific */
+#define TRUSTED_DEBUG_SOC_SPEC_OID             "1.3.6.1.4.1.4128.2100.402"
+/* SecondaryDebugCertPK */
+#define SECONDARY_DEBUG_PK_OID                 "1.3.6.1.4.1.4128.2100.403"
+
+
+/*
+ * SoC Firmware Key Certificate
+ */
+
+/* SoCFirmwareContentCertPK */
+#define SOC_FW_CONTENT_CERT_PK_OID             "1.3.6.1.4.1.4128.2100.501"
+
+
+/*
+ * SoC Firmware Content Certificate
+ */
+
+/* APRomPatchHash - BL1_PATCH */
+#define APROM_PATCH_HASH_OID                   "1.3.6.1.4.1.4128.2100.601"
+/* SoCConfigHash */
+#define SOC_CONFIG_HASH_OID                    "1.3.6.1.4.1.4128.2100.602"
+/* SoCAPFirmwareHash - BL31 */
+#define SOC_AP_FW_HASH_OID                     "1.3.6.1.4.1.4128.2100.603"
+
+
+/*
+ * SCP Firmware Key Certificate
+ */
+
+/* SCPFirmwareContentCertPK */
+#define SCP_FW_CONTENT_CERT_PK_OID             "1.3.6.1.4.1.4128.2100.701"
+
+
+/*
+ * SCP Firmware Content Certificate
+ */
+
+/* SCPFirmwareHash - SCP_BL2 */
+#define SCP_FW_HASH_OID                                "1.3.6.1.4.1.4128.2100.801"
+/* SCPRomPatchHash - SCP_BL1_PATCH */
+#define SCP_ROM_PATCH_HASH_OID                 "1.3.6.1.4.1.4128.2100.802"
+
+
+/*
+ * Trusted OS Firmware Key Certificate
+ */
+
+/* TrustedOSFirmwareContentCertPK */
+#define TRUSTED_OS_FW_CONTENT_CERT_PK_OID      "1.3.6.1.4.1.4128.2100.901"
+
+
+/*
+ * Trusted OS Firmware Content Certificate
+ */
+
+/* TrustedOSFirmwareHash - BL32 */
+#define TRUSTED_OS_FW_HASH_OID                 "1.3.6.1.4.1.4128.2100.1001"
+
+
+/*
+ * Non-Trusted Firmware Key Certificate
+ */
+
+/* NonTrustedFirmwareContentCertPK */
+#define NON_TRUSTED_FW_CONTENT_CERT_PK_OID     "1.3.6.1.4.1.4128.2100.1101"
+
+
+/*
+ * Non-Trusted Firmware Content Certificate
+ */
+
+/* NonTrustedWorldBootloaderHash - BL33 */
+#define NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID  "1.3.6.1.4.1.4128.2100.1201"
+
+#endif /* __TBBR_OID_H__ */
index 18c41e052e3d9bdfae37c52c000813120a27ceb3..a31e59c0fecd5a8d04d96c503e62d79544656b30 100644 (file)
@@ -128,6 +128,9 @@ TRUSTED_BOARD_BOOT          := 0
 # Build option to choose whether Trusted firmware uses Coherent memory or not.
 USE_COHERENT_MEM               := 1
 
+# Use tbbr_oid.h instead of platform_oid.h
+USE_TBBR_DEFS                  = $(ERROR_DEPRECATED)
+
 # Build verbosity
 V                              := 0
 
index 5ef1580b5803c0d722dc0e3615b563f8cde7a240..c64155fe23ba7638b333a5fd92799c509d225e5f 100644 (file)
@@ -1,9 +1,9 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
-#include "../../../../../include/plat/arm/board/common/board_arm_oid.h"
+#include <tbbr_oid.h>
 
 /*
  * Required platform OIDs
index 5ef1580b5803c0d722dc0e3615b563f8cde7a240..c64155fe23ba7638b333a5fd92799c509d225e5f 100644 (file)
@@ -1,9 +1,9 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
-#include "../../../../../include/plat/arm/board/common/board_arm_oid.h"
+#include <tbbr_oid.h>
 
 /*
  * Required platform OIDs
index 4aa9457dcb893290f47bf457fb8e61fd674ef131..f5a4f315c9837e51ff868f5f212be502d30440ff 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -7,7 +7,11 @@
 #include <assert.h>
 #include <auth/auth_mod.h>
 #include <platform.h>
+#if USE_TBBR_DEFS
+#include <tbbr_oid.h>
+#else
 #include <platform_oid.h>
+#endif
 #include <string.h>
 
 /*
index 989a8e4dc1abb09c378067519bef2523fe5761ff..8a216495b744154a476d756d2607d579a6a48fa8 100644 (file)
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2015-2016, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -27,6 +27,13 @@ MAKE_HELPERS_DIRECTORY := ../../make_helpers/
 include ${MAKE_HELPERS_DIRECTORY}build_macros.mk
 include ${MAKE_HELPERS_DIRECTORY}build_env.mk
 
+ifeq (${USE_TBBR_DEFS},1)
+# In this case, cert_tool is platform-independent
+PLAT_MSG               :=      TBBR Generic
+PLAT_INCLUDE           :=      ../../include/tools_share
+else
+PLAT_MSG               :=      ${PLAT}
+
 PLATFORM_ROOT          :=      ../../plat/
 include ${MAKE_HELPERS_DIRECTORY}plat_helpers.mk
 
@@ -35,6 +42,7 @@ PLAT_INCLUDE          :=      $(wildcard ${PLAT_DIR}include)
 ifeq ($(PLAT_INCLUDE),)
   $(error "Error: Invalid platform '${PLAT}' has no include directory.")
 endif
+endif
 
 ifeq (${DEBUG},1)
   CFLAGS += -g -O0 -DDEBUG -DLOG_LEVEL=40
@@ -47,6 +55,9 @@ else
        Q :=
 endif
 
+$(eval $(call add_define,USE_TBBR_DEFS))
+CFLAGS += ${DEFINES}
+
 # Make soft links and include from local directory otherwise wrong headers
 # could get pulled in from firmware tree.
 INC_DIR := -I ./include -I ${PLAT_INCLUDE} -I ${OPENSSL_DIR}/include
@@ -62,7 +73,7 @@ all: clean ${BINARY}
 ${BINARY}: ${OBJECTS} Makefile
        @echo "  LD      $@"
        @echo 'const char build_msg[] = "Built : "__TIME__", "__DATE__; \
-                const char platform_msg[] = "${PLAT}";' | \
+                const char platform_msg[] = "${PLAT_MSG}";' | \
                 ${CC} -c ${CFLAGS} -xc - -o src/build_msg.o
        ${Q}${CC} src/build_msg.o ${OBJECTS} ${LIB_DIR} ${LIB} -o $@
 
index 62ff2555b61f271919f2c01272f08b88b21972ae..80ccfe93181aa4ac94ab31b6fa08cdad8dc78580 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
 #include <openssl/sha.h>
 #include <openssl/x509v3.h>
 
+#if USE_TBBR_DEFS
+#include <tbbr_oid.h>
+#else
+#include <platform_oid.h>
+#endif
+
 #include "cert.h"
 #include "cmd_opt.h"
 #include "debug.h"
 #include "key.h"
-#include "platform_oid.h"
 #include "sha.h"
 
 #define SERIAL_RAND_BITS       64
index a118fbbb816fb2d3e318ccbb91bdd46c457b0d94..c1bde5dea3b998ee80c7805327c76b5b7cf17dab 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
 #include <openssl/evp.h>
 #include <openssl/pem.h>
 
+#if USE_TBBR_DEFS
+#include <tbbr_oid.h>
+#else
+#include <platform_oid.h>
+#endif
+
 #include "cert.h"
 #include "cmd_opt.h"
 #include "debug.h"
 #include "key.h"
-#include "platform_oid.h"
 #include "sha.h"
 
 #define MAX_FILENAME_LEN               1024
index e0f331c21e9f22505e36ecba03d6a1caf2dd3e43..99236370cd6711bb93c4a7eb60cb7709776556d2 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
 #include <openssl/sha.h>
 #include <openssl/x509v3.h>
 
+#if USE_TBBR_DEFS
+#include <tbbr_oid.h>
+#else
+#include <platform_oid.h>
+#endif
+
 #include "cert.h"
 #include "cmd_opt.h"
 #include "debug.h"
 #include "ext.h"
 #include "key.h"
-#include "platform_oid.h"
 #include "sha.h"
 #include "tbbr/tbb_ext.h"
 #include "tbbr/tbb_cert.h"
index 11d779b0990a7d784a4665778c0c104b0b52bcbd..d9a8ea265394f0bfc6fe821db7fdd1eff5aee96c 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -8,8 +8,14 @@
 #include <string.h>
 #include <openssl/err.h>
 #include <openssl/x509v3.h>
+
+#if USE_TBBR_DEFS
+#include <tbbr_oid.h>
+#else
+#include <platform_oid.h>
+#endif
+
 #include "ext.h"
-#include "platform_oid.h"
 #include "tbbr/tbb_ext.h"
 #include "tbbr/tbb_key.h"