docs(arm): add ARM_ROTPK_LOCATION variant full key

Updating documentation to reflect the new ARM_ROTPK_LOCATION variant of
the full ROTPK, as opposed to the hash of it.

Change-Id: I0f83c519bd607ef1270c7d30ee9bc55451ce4ae2
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

diff --git a/docs/design/trusted-board-boot-build.rst b/docs/design/trusted-board-boot-build.rst
index c3f3a2f53a34eab8c7faf9f8d54fdbe48b479ebd..caf367b66ffdf3b49230cfd96a42955c7bdb4236 100644 (file)
--- a/docs/design/trusted-board-boot-build.rst
+++ b/docs/design/trusted-board-boot-build.rst
@@ -42,7 +42,7 @@ images with support for these features:
    are loaded from that path instead of the default OS path. Export this
    variable if necessary.
 
-   In the case of Arm platforms, the location of the ROTPK hash must also be
+   In the case of Arm platforms, the location of the ROTPK must also be
    specified at build time. The following locations are currently supported (see
    ``ARM_ROTPK_LOCATION`` build option):
 
@@ -62,6 +62,9 @@ images with support for these features:
       ``plat/arm/board/common/rotpk/arm_rotpk_ecdsa_sha256.bin``. Enforce
       generation of the new hash if ``ROT_KEY`` is specified.
 
+   -  ``ARM_ROTPK_LOCATION=devel_full_dev_rsa_key``: use the key located in
+      ``plat/arm/board/common/rotpk/arm_full_dev_rsa_rotpk.S``.
+
    Example of command line using RSA development keys:
 
    .. code:: shell

diff --git a/docs/plat/arm/arm-build-options.rst b/docs/plat/arm/arm-build-options.rst
index 407c04bbb4ff53e20b826b5db555bfa82dd456fd..68eb3ecd6d6efc395d973d7a65e6babb61e087b9 100644 (file)
--- a/docs/plat/arm/arm-build-options.rst
+++ b/docs/plat/arm/arm-build-options.rst
@@ -49,7 +49,7 @@ Arm Platform Build Options
    field of power-state parameter.
 
 -  ``ARM_ROTPK_LOCATION``: used when ``TRUSTED_BOARD_BOOT=1``. It specifies the
-   location of the ROTPK hash returned by the function ``plat_get_rotpk_info()``
+   location of the ROTPK returned by the function ``plat_get_rotpk_info()``
    for Arm platforms. Depending on the selected option, the proper private key
    must be specified using the ``ROT_KEY`` option when building the Trusted
    Firmware. This private key will be used by the certificate generation tool
@@ -68,12 +68,16 @@ Arm Platform Build Options
       ``arm_rotpk_ecdsa.der``, located in ``plat/arm/board/common/rotpk``. To
       use this option, ``arm_rotprivk_ecdsa.pem`` must be specified as
       ``ROT_KEY`` when creating the certificates.
-
--  ``ARM_ROTPK_HASH``: used when ``ARM_ROTPK_LOCATION=devel_*``. Specifies the
-   location of the ROTPK hash. Not expected to be a build option. This defaults to
-   ``plat/arm/board/common/rotpk/*_sha256.bin`` depending on the specified algorithm.
-   Providing ``ROT_KEY`` enforces generation of the hash from the ``ROT_KEY`` and
-   overwrites the default hash file.
+   -  ``devel_full_dev_rsa_key`` : returns a development public key embedded in
+      the BL1 and BL2 binaries. This key has been obtained from the RSA public
+      key ``arm_rotpk_rsa.der``, located in ``plat/arm/board/common/rotpk``.
+
+-  ``ARM_ROTPK_HASH``: used when ``ARM_ROTPK_LOCATION=devel_*``, excluding
+   ``devel_full_dev_rsa_key``. Specifies the location of the ROTPK hash. Not
+   expected to be a build option. This defaults to
+   ``plat/arm/board/common/rotpk/*_sha256.bin`` depending on the specified
+   algorithm. Providing ``ROT_KEY`` enforces generation of the hash from the
+   ``ROT_KEY`` and overwrites the default hash file.
 
 -  ``ARM_TSP_RAM_LOCATION``: location of the TSP binary. Options: