2 Definitions of Security Protocol & Data Model Specification (SPDM)
3 version 1.0.0 in Distributed Management Task Force (DMTF).
5 Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
17 /// SPDM response code
19 #define SPDM_DIGESTS 0x01
20 #define SPDM_CERTIFICATE 0x02
21 #define SPDM_CHALLENGE_AUTH 0x03
22 #define SPDM_VERSION 0x04
23 #define SPDM_MEASUREMENTS 0x60
24 #define SPDM_CAPABILITIES 0x61
25 #define SPDM_SET_CERT_RESPONSE 0x62
26 #define SPDM_ALGORITHMS 0x63
27 #define SPDM_ERROR 0x7F
31 #define SPDM_GET_DIGESTS 0x81
32 #define SPDM_GET_CERTIFICATE 0x82
33 #define SPDM_CHALLENGE 0x83
34 #define SPDM_GET_VERSION 0x84
35 #define SPDM_GET_MEASUREMENTS 0xE0
36 #define SPDM_GET_CAPABILITIES 0xE1
37 #define SPDM_NEGOTIATE_ALGORITHMS 0xE3
38 #define SPDM_RESPOND_IF_READY 0xFF
41 /// SPDM message header
45 UINT8 RequestResponseCode
;
48 } SPDM_MESSAGE_HEADER
;
50 #define SPDM_MESSAGE_VERSION 0x10
53 /// SPDM GET_VERSION request
56 SPDM_MESSAGE_HEADER Header
;
57 } SPDM_GET_VERSION_REQUEST
;
60 /// SPDM GET_VERSION response
63 SPDM_MESSAGE_HEADER Header
;
65 UINT8 VersionNumberEntryCount
;
66 //SPDM_VERSION_NUMBER VersionNumberEntry[VersionNumberEntryCount];
67 } SPDM_VERSION_RESPONSE
;
70 /// SPDM VERSION structure
74 UINT16 UpdateVersionNumber
:4;
75 UINT16 MinorVersion
:4;
76 UINT16 MajorVersion
:4;
77 } SPDM_VERSION_NUMBER
;
80 /// SPDM GET_CAPABILITIES request
83 SPDM_MESSAGE_HEADER Header
;
84 } SPDM_GET_CAPABILITIES_REQUEST
;
87 /// SPDM GET_CAPABILITIES response
90 SPDM_MESSAGE_HEADER Header
;
95 } SPDM_CAPABILITIES_RESPONSE
;
98 /// SPDM GET_CAPABILITIES response Flags
100 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CACHE_CAP BIT0
101 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP BIT1
102 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP BIT2
103 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP (BIT3 | BIT4)
104 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_NO_SIG BIT3
105 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG BIT4
106 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_FRESH_CAP BIT5
109 /// SPDM NEGOTIATE_ALGORITHMS request
112 SPDM_MESSAGE_HEADER Header
;
114 UINT8 MeasurementSpecification
;
122 //UINT32 ExtAsym[ExtAsymCount];
123 //UINT32 ExtHash[ExtHashCount];
124 } SPDM_NEGOTIATE_ALGORITHMS_REQUEST
;
127 /// SPDM NEGOTIATE_ALGORITHMS request BaseAsymAlgo
129 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048 BIT0
130 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_2048 BIT1
131 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_3072 BIT2
132 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_3072 BIT3
133 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256 BIT4
134 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_4096 BIT5
135 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_4096 BIT6
136 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P384 BIT7
137 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P521 BIT8
140 /// SPDM NEGOTIATE_ALGORITHMS request BaseHashAlgo
142 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256 BIT0
143 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_384 BIT1
144 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_512 BIT2
145 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_256 BIT3
146 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_384 BIT4
147 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_512 BIT5
150 /// SPDM NEGOTIATE_ALGORITHMS response
153 SPDM_MESSAGE_HEADER Header
;
155 UINT8 MeasurementSpecificationSel
;
157 UINT32 MeasurementHashAlgo
;
161 UINT8 ExtAsymSelCount
;
162 UINT8 ExtHashSelCount
;
164 //UINT32 ExtAsymSel[ExtAsymSelCount];
165 //UINT32 ExtHashSel[ExtHashSelCount];
166 } SPDM_ALGORITHMS_RESPONSE
;
169 /// SPDM NEGOTIATE_ALGORITHMS response MeasurementHashAlgo
171 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_RAW_BIT_STREAM_ONLY BIT0
172 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_256 BIT1
173 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_384 BIT2
174 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_512 BIT3
175 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_256 BIT4
176 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_384 BIT5
177 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_512 BIT6
180 /// SPDM GET_DIGESTS request
183 SPDM_MESSAGE_HEADER Header
;
184 } SPDM_GET_DIGESTS_REQUEST
;
187 /// SPDM GET_DIGESTS response
190 SPDM_MESSAGE_HEADER Header
;
191 //UINT8 Digest[DigestSize];
192 } SPDM_DIGESTS_RESPONSE
;
195 /// SPDM GET_DIGESTS request
198 SPDM_MESSAGE_HEADER Header
;
201 } SPDM_GET_CERTIFICATE_REQUEST
;
204 /// SPDM GET_DIGESTS response
207 SPDM_MESSAGE_HEADER Header
;
208 UINT16 PortionLength
;
209 UINT16 RemainderLength
;
210 //UINT8 CertChain[CertChainSize];
211 } SPDM_CERTIFICATE_RESPONSE
;
214 /// SPDM CHALLENGE request
217 SPDM_MESSAGE_HEADER Header
;
219 } SPDM_CHALLENGE_REQUEST
;
222 /// SPDM CHALLENGE response
225 SPDM_MESSAGE_HEADER Header
;
226 //UINT8 CertChainHash[DigestSize];
228 //UINT8 MeasurementSummaryHash[DigestSize];
229 //UINT16 OpaqueLength;
230 //UINT8 OpaqueData[OpaqueLength];
231 //UINT8 Signature[KeySize];
232 } SPDM_CHALLENGE_AUTH_RESPONSE
;
235 /// SPDM GET_MEASUREMENTS request
238 SPDM_MESSAGE_HEADER Header
;
240 } SPDM_GET_MEASUREMENTS_REQUEST
;
243 /// SPDM MEASUREMENTS block common header
247 UINT8 MeasurementSpecification
;
248 UINT16 MeasurementSize
;
249 //UINT8 Measurement[MeasurementSize];
250 } SPDM_MEASUREMENT_BLOCK_COMMON_HEADER
;
252 #define SPDM_MEASUREMENT_BLOCK_HEADER_SPECIFICATION_DMTF BIT0
255 /// SPDM MEASUREMENTS block DMTF header
258 UINT8 DMTFSpecMeasurementValueType
;
259 UINT16 DMTFSpecMeasurementValueSize
;
260 //UINT8 DMTFSpecMeasurementValue[DMTFSpecMeasurementValueSize];
261 } SPDM_MEASUREMENT_BLOCK_DMTF_HEADER
;
264 /// SPDM MEASUREMENTS block MeasurementValueType
266 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_IMMUTABLE_ROM 0
267 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_MUTABLE_FIRMWARE 1
268 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_HARDWARE_CONFIGURATION 2
269 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_FIRMWARE_CONFIGURATION 3
270 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_RAW_BIT_STREAM BIT7
273 /// SPDM GET_MEASUREMENTS response
276 SPDM_MESSAGE_HEADER Header
;
277 UINT8 NumberOfBlocks
;
278 UINT8 MeasurementRecordLength
[3];
279 //UINT8 MeasurementRecord[MeasurementRecordLength];
281 //UINT16 OpaqueLength;
282 //UINT8 OpaqueData[OpaqueLength];
283 //UINT8 Signature[KeySize];
284 } SPDM_MEASUREMENTS_RESPONSE
;
287 /// SPDM ERROR response
290 SPDM_MESSAGE_HEADER Header
;
291 // Param1 == Error Code
292 // Param2 == Error Data
293 //UINT8 ExtendedErrorData[];
294 } SPDM_ERROR_RESPONSE
;
299 #define SPDM_ERROR_CODE_INVALID_REQUEST 0x01
300 #define SPDM_ERROR_CODE_BUSY 0x03
301 #define SPDM_ERROR_CODE_UNEXPECTED_REQUEST 0x04
302 #define SPDM_ERROR_CODE_UNSPECIFIED 0x05
303 #define SPDM_ERROR_CODE_UNSUPPORTED_REQUEST 0x07
304 #define SPDM_ERROR_CODE_MAJOR_VERSION_MISMATCH 0x41
305 #define SPDM_ERROR_CODE_RESPONSE_NOT_READY 0x42
306 #define SPDM_ERROR_CODE_REQUEST_RESYNCH 0x43
309 /// SPDM RESPONSE_IF_READY request
312 SPDM_MESSAGE_HEADER Header
;
313 // Param1 == RequestCode
315 } SPDM_RESPONSE_IF_READY_REQUEST
;