blob: 4ec7a5ed1f9d6478d9ebc782a23462a4cdc4411b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
|
/** @file
Definitions of Security Protocol & Data Model Specification (SPDM)
version 1.0.0 in Distributed Management Task Force (DMTF).
Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#ifndef __SPDM_H__
#define __SPDM_H__
#pragma pack(1)
///
/// SPDM response code
///
#define SPDM_DIGESTS 0x01
#define SPDM_CERTIFICATE 0x02
#define SPDM_CHALLENGE_AUTH 0x03
#define SPDM_VERSION 0x04
#define SPDM_MEASUREMENTS 0x60
#define SPDM_CAPABILITIES 0x61
#define SPDM_SET_CERT_RESPONSE 0x62
#define SPDM_ALGORITHMS 0x63
#define SPDM_ERROR 0x7F
///
/// SPDM request code
///
#define SPDM_GET_DIGESTS 0x81
#define SPDM_GET_CERTIFICATE 0x82
#define SPDM_CHALLENGE 0x83
#define SPDM_GET_VERSION 0x84
#define SPDM_GET_MEASUREMENTS 0xE0
#define SPDM_GET_CAPABILITIES 0xE1
#define SPDM_NEGOTIATE_ALGORITHMS 0xE3
#define SPDM_RESPOND_IF_READY 0xFF
///
/// SPDM message header
///
typedef struct {
UINT8 SPDMVersion;
UINT8 RequestResponseCode;
UINT8 Param1;
UINT8 Param2;
} SPDM_MESSAGE_HEADER;
#define SPDM_MESSAGE_VERSION 0x10
///
/// SPDM GET_VERSION request
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
} SPDM_GET_VERSION_REQUEST;
///
/// SPDM GET_VERSION response
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
UINT8 Reserved;
UINT8 VersionNumberEntryCount;
// SPDM_VERSION_NUMBER VersionNumberEntry[VersionNumberEntryCount];
} SPDM_VERSION_RESPONSE;
///
/// SPDM VERSION structure
///
typedef struct {
UINT16 Alpha : 4;
UINT16 UpdateVersionNumber : 4;
UINT16 MinorVersion : 4;
UINT16 MajorVersion : 4;
} SPDM_VERSION_NUMBER;
///
/// SPDM GET_CAPABILITIES request
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
} SPDM_GET_CAPABILITIES_REQUEST;
///
/// SPDM GET_CAPABILITIES response
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
UINT8 Reserved;
UINT8 CTExponent;
UINT16 Reserved2;
UINT32 Flags;
} SPDM_CAPABILITIES_RESPONSE;
///
/// SPDM GET_CAPABILITIES response Flags
///
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CACHE_CAP BIT0
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP BIT1
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP BIT2
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP (BIT3 | BIT4)
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_NO_SIG BIT3
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG BIT4
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_FRESH_CAP BIT5
///
/// SPDM NEGOTIATE_ALGORITHMS request
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
UINT16 Length;
UINT8 MeasurementSpecification;
UINT8 Reserved;
UINT32 BaseAsymAlgo;
UINT32 BaseHashAlgo;
UINT8 Reserved2[12];
UINT8 ExtAsymCount;
UINT8 ExtHashCount;
UINT16 Reserved3;
// UINT32 ExtAsym[ExtAsymCount];
// UINT32 ExtHash[ExtHashCount];
} SPDM_NEGOTIATE_ALGORITHMS_REQUEST;
///
/// SPDM NEGOTIATE_ALGORITHMS request BaseAsymAlgo
///
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048 BIT0
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_2048 BIT1
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_3072 BIT2
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_3072 BIT3
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256 BIT4
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_4096 BIT5
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_4096 BIT6
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P384 BIT7
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P521 BIT8
///
/// SPDM NEGOTIATE_ALGORITHMS request BaseHashAlgo
///
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256 BIT0
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_384 BIT1
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_512 BIT2
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_256 BIT3
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_384 BIT4
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_512 BIT5
///
/// SPDM NEGOTIATE_ALGORITHMS response
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
UINT16 Length;
UINT8 MeasurementSpecificationSel;
UINT8 Reserved;
UINT32 MeasurementHashAlgo;
UINT32 BaseAsymSel;
UINT32 BaseHashSel;
UINT8 Reserved2[12];
UINT8 ExtAsymSelCount;
UINT8 ExtHashSelCount;
UINT16 Reserved3;
// UINT32 ExtAsymSel[ExtAsymSelCount];
// UINT32 ExtHashSel[ExtHashSelCount];
} SPDM_ALGORITHMS_RESPONSE;
///
/// SPDM NEGOTIATE_ALGORITHMS response MeasurementHashAlgo
///
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_RAW_BIT_STREAM_ONLY BIT0
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_256 BIT1
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_384 BIT2
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_512 BIT3
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_256 BIT4
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_384 BIT5
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_512 BIT6
///
/// SPDM GET_DIGESTS request
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
} SPDM_GET_DIGESTS_REQUEST;
///
/// SPDM GET_DIGESTS response
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
// UINT8 Digest[DigestSize];
} SPDM_DIGESTS_RESPONSE;
///
/// SPDM GET_DIGESTS request
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
UINT16 Offset;
UINT16 Length;
} SPDM_GET_CERTIFICATE_REQUEST;
///
/// SPDM GET_DIGESTS response
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
UINT16 PortionLength;
UINT16 RemainderLength;
// UINT8 CertChain[CertChainSize];
} SPDM_CERTIFICATE_RESPONSE;
///
/// SPDM CHALLENGE request
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
UINT8 Nonce[32];
} SPDM_CHALLENGE_REQUEST;
///
/// SPDM CHALLENGE response
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
// UINT8 CertChainHash[DigestSize];
// UINT8 Nonce[32];
// UINT8 MeasurementSummaryHash[DigestSize];
// UINT16 OpaqueLength;
// UINT8 OpaqueData[OpaqueLength];
// UINT8 Signature[KeySize];
} SPDM_CHALLENGE_AUTH_RESPONSE;
///
/// SPDM GET_MEASUREMENTS request
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
UINT8 Nonce[32];
} SPDM_GET_MEASUREMENTS_REQUEST;
///
/// SPDM MEASUREMENTS block common header
///
typedef struct {
UINT8 Index;
UINT8 MeasurementSpecification;
UINT16 MeasurementSize;
// UINT8 Measurement[MeasurementSize];
} SPDM_MEASUREMENT_BLOCK_COMMON_HEADER;
#define SPDM_MEASUREMENT_BLOCK_HEADER_SPECIFICATION_DMTF BIT0
///
/// SPDM MEASUREMENTS block DMTF header
///
typedef struct {
UINT8 DMTFSpecMeasurementValueType;
UINT16 DMTFSpecMeasurementValueSize;
// UINT8 DMTFSpecMeasurementValue[DMTFSpecMeasurementValueSize];
} SPDM_MEASUREMENT_BLOCK_DMTF_HEADER;
///
/// SPDM MEASUREMENTS block MeasurementValueType
///
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_IMMUTABLE_ROM 0
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_MUTABLE_FIRMWARE 1
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_HARDWARE_CONFIGURATION 2
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_FIRMWARE_CONFIGURATION 3
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_RAW_BIT_STREAM BIT7
///
/// SPDM GET_MEASUREMENTS response
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
UINT8 NumberOfBlocks;
UINT8 MeasurementRecordLength[3];
// UINT8 MeasurementRecord[MeasurementRecordLength];
// UINT8 Nonce[32];
// UINT16 OpaqueLength;
// UINT8 OpaqueData[OpaqueLength];
// UINT8 Signature[KeySize];
} SPDM_MEASUREMENTS_RESPONSE;
///
/// SPDM ERROR response
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
// Param1 == Error Code
// Param2 == Error Data
// UINT8 ExtendedErrorData[];
} SPDM_ERROR_RESPONSE;
///
/// SPDM error code
///
#define SPDM_ERROR_CODE_INVALID_REQUEST 0x01
#define SPDM_ERROR_CODE_BUSY 0x03
#define SPDM_ERROR_CODE_UNEXPECTED_REQUEST 0x04
#define SPDM_ERROR_CODE_UNSPECIFIED 0x05
#define SPDM_ERROR_CODE_UNSUPPORTED_REQUEST 0x07
#define SPDM_ERROR_CODE_MAJOR_VERSION_MISMATCH 0x41
#define SPDM_ERROR_CODE_RESPONSE_NOT_READY 0x42
#define SPDM_ERROR_CODE_REQUEST_RESYNCH 0x43
///
/// SPDM RESPONSE_IF_READY request
///
typedef struct {
SPDM_MESSAGE_HEADER Header;
// Param1 == RequestCode
// Param2 == Token
} SPDM_RESPONSE_IF_READY_REQUEST;
#pragma pack()
#endif
|
