Developer

Resources

Encoding of Brew MP-Specific Extensions

Brew MP Signing Certificates include Qualcomm-defined X.509 extensions, as described in earlier chapters. This section describes the coding and ASN.1 definitions for each.

Privileges

The privileges (OID 1.3.6.1.4.1.1449.9.4.1.11) extension is encoded using 32-bit unsigned integers, in little-endian format, in a structure defined in pseudo C as follows:

typedef unsigned int uint32 //32 bit unsigned integer

typedef uint32 Privilege;

typedef structure PrivilegeRange {
 Privilege lo;
 Privilege hi;
} PrivilegeRange;

typedef structure EncodedPrivileges {
 uint32 nbrOfRanges;
 PrivilegeRange idRanges[]; //optional array with 'nbrOfRanges' entries
 Privilege singleIds[];  //optional array
} EncodedPrivileges;

Trusted code groups

The trustedCodeGroups (OID 1.3.6.1.4.1.1449.94.1.10) extension is encoded using 32-bit unsigned integers, in little-endian format, in a structure defined in pseudo C as follows:

typedef unsigned int uint32 //32 bit unsigned integer

typedef uint32 Tcg;

typedef structure TcgRange {
 Tcg lo;
 Tcg hi;
} TcgRange;

typedef structure EncodedTcgs {
 uint32 nbrOfRanges;
 TcgRange idRanges[]; //optional array with 'nbrOfRanges' entries
 Tcg singleIds[];  //optional array
} EncodedTcgs;

Capabilities

The capabilities (OID 1.3.6.1.4.1.1449.9.4.1.12) extension is encoded as a DER bit string with the following ASN.1 definition:

apiOneCapabilities ::= BIT STRING
{ 
 noSignedFiles (0),
 noDate (1),
 noHwSn (2)
}
  • Follow