1 /** @file
2 Definitions of Security Protocol & Data Model Specification (SPDM)
3 version 1.0.0 in Distributed Management Task Force (DMTF).
4
5 Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
7
8 **/
9
10
#ifndef __SPDM_H__
#define __SPDM_H__

//
// Every structure below is declared under 1-byte packing so that it mirrors
// the on-the-wire layout. Multi-byte members can therefore sit at unaligned
// offsets. The "#pragma pack()" at the end of this file restores the default.
//
#pragma pack(1)
15
///
/// SPDM response code
///
/// Values for SPDM_MESSAGE_HEADER.RequestResponseCode in a response.
/// Every value defined here has bit 7 clear.
/// SPDM_SET_CERT_RESPONSE (0x62) has no matching request code in this file.
///
#define SPDM_DIGESTS                0x01
#define SPDM_CERTIFICATE            0x02
#define SPDM_CHALLENGE_AUTH         0x03
#define SPDM_VERSION                0x04
#define SPDM_MEASUREMENTS           0x60
#define SPDM_CAPABILITIES           0x61
#define SPDM_SET_CERT_RESPONSE      0x62
#define SPDM_ALGORITHMS             0x63
#define SPDM_ERROR                  0x7F
///
/// SPDM request code
///
/// Values for SPDM_MESSAGE_HEADER.RequestResponseCode in a request.
/// Numerically, each value equals one of the response codes defined in this
/// file with bit 7 set (for example SPDM_GET_DIGESTS 0x81 and SPDM_DIGESTS 0x01).
/// NOTE(review): a requester should check that the code in a received response
/// is the one expected for the request it sent, or SPDM_ERROR, before parsing
/// the body as that response type.
///
#define SPDM_GET_DIGESTS            0x81
#define SPDM_GET_CERTIFICATE        0x82
#define SPDM_CHALLENGE              0x83
#define SPDM_GET_VERSION            0x84
#define SPDM_GET_MEASUREMENTS       0xE0
#define SPDM_GET_CAPABILITIES       0xE1
#define SPDM_NEGOTIATE_ALGORITHMS   0xE3
#define SPDM_RESPOND_IF_READY       0xFF
39
///
/// SPDM message header
///
/// Four single-byte fields that begin every request and response structure
/// declared in this file.
///
typedef struct {
  UINT8   SPDMVersion;          // protocol version byte; see SPDM_MESSAGE_VERSION
  UINT8   RequestResponseCode;  // one of the SPDM request or response codes
  UINT8   Param1;               // meaning depends on the message, e.g. the error
  UINT8   Param2;               // code and error data in SPDM_ERROR_RESPONSE
} SPDM_MESSAGE_HEADER;
49
//
// Value for SPDM_MESSAGE_HEADER.SPDMVersion; this file describes SPDM 1.0.0.
// NOTE(review): 0x10 reads as major version in the upper nibble and minor
// version in the lower nibble - confirm against the specification.
//
#define SPDM_MESSAGE_VERSION  0x10
51
///
/// SPDM GET_VERSION request
///
/// Consists of the message header only; no payload is declared.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
} SPDM_GET_VERSION_REQUEST;
58
///
/// SPDM GET_VERSION response
///
/// Only the fixed part is declared. The version entries that follow it are
/// variable-length and appear below as a commented-out member.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  UINT8                Reserved;
  UINT8                VersionNumberEntryCount;  // entry count, supplied by the peer
  //
  // Before reading any entry, check that
  // VersionNumberEntryCount * sizeof (SPDM_VERSION_NUMBER) fits in the bytes
  // actually received after this fixed part.
  //
  //SPDM_VERSION_NUMBER VersionNumberEntry[VersionNumberEntryCount];
} SPDM_VERSION_RESPONSE;
68
///
/// SPDM VERSION structure
///
/// One 16-bit version entry split into four 4-bit fields.
/// NOTE(review): the order in which a compiler allocates bit-fields inside the
/// UINT16 is implementation-defined in C. The wire layout is only correct if
/// the toolchain places Alpha in the lowest four bits - confirm for every
/// supported compiler.
///
typedef struct {
  UINT16  Alpha:4;
  UINT16  UpdateVersionNumber:4;
  UINT16  MinorVersion:4;
  UINT16  MajorVersion:4;
} SPDM_VERSION_NUMBER;
78
///
/// SPDM GET_CAPABILITIES request
///
/// Consists of the message header only; no payload is declared.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
} SPDM_GET_CAPABILITIES_REQUEST;
85
///
/// SPDM GET_CAPABILITIES response
///
/// Fixed-size message: header, timing exponent and a 32-bit capability mask.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  UINT8                Reserved;
  //
  // NOTE(review): presumably the cryptographic timeout exponent from the
  // specification. It is supplied by the peer, so a requester should cap any
  // timeout it derives from it - confirm the intended range.
  //
  UINT8                CTExponent;
  UINT16               Reserved2;
  UINT32               Flags;       // SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_* bits
} SPDM_CAPABILITIES_RESPONSE;
96
///
/// SPDM GET_CAPABILITIES response Flags
///
/// Bit definitions for SPDM_CAPABILITIES_RESPONSE.Flags.
/// MEAS_CAP is a two-bit mask (BIT3 | BIT4); MEAS_CAP_NO_SIG and MEAS_CAP_SIG
/// are the two named values inside it. Compare (Flags & ..._MEAS_CAP) against
/// one of those values rather than testing a single bit.
/// NOTE(review): the value with both bits set has no name here; treat it as
/// unsupported unless the specification defines it - confirm.
///
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CACHE_CAP        BIT0
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP         BIT1
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP         BIT2
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP         (BIT3 | BIT4)
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_NO_SIG  BIT3
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG     BIT4
#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_FRESH_CAP   BIT5
107
///
/// SPDM NEGOTIATE_ALGORITHMS request
///
/// Only the fixed part is declared. Two arrays of UINT32 entries follow it and
/// appear below as commented-out members.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  UINT16               Length;       // presumably the total message length in bytes - confirm
  UINT8                MeasurementSpecification;
  UINT8                Reserved;
  UINT32               BaseAsymAlgo; // SPDM_ALGORITHMS_BASE_ASYM_ALGO_* bits
  UINT32               BaseHashAlgo; // SPDM_ALGORITHMS_BASE_HASH_ALGO_* bits
  UINT8                Reserved2[12];
  UINT8                ExtAsymCount; // number of ExtAsym entries that follow
  UINT8                ExtHashCount; // number of ExtHash entries that follow
  UINT16               Reserved3;
  //
  // A receiver should check Length and both counts against the number of
  // bytes actually received before indexing into either array.
  //
  //UINT32 ExtAsym[ExtAsymCount];
  //UINT32 ExtHash[ExtHashCount];
} SPDM_NEGOTIATE_ALGORITHMS_REQUEST;
125
///
/// SPDM NEGOTIATE_ALGORITHMS request BaseAsymAlgo
///
/// Bit definitions for the asymmetric-algorithm mask.
/// NOTE(review): this file defines no separate constants for
/// SPDM_ALGORITHMS_RESPONSE.BaseAsymSel; presumably the same bit positions
/// apply there - confirm.
///
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048          BIT0
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_2048          BIT1
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_3072          BIT2
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_3072          BIT3
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256  BIT4
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_4096          BIT5
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_4096          BIT6
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P384  BIT7
#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P521  BIT8
138
///
/// SPDM NEGOTIATE_ALGORITHMS request BaseHashAlgo
///
/// Bit definitions for the base hash-algorithm mask.
/// These positions differ from the SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_*
/// constants (SHA-256 is BIT0 here and BIT1 there), so the two sets must not
/// be used interchangeably.
///
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256   BIT0
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_384   BIT1
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_512   BIT2
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_256  BIT3
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_384  BIT4
#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_512  BIT5
148
///
/// SPDM NEGOTIATE_ALGORITHMS response
///
/// Only the fixed part is declared. Two arrays of UINT32 entries follow it and
/// appear below as commented-out members.
/// NOTE(review): the *Sel fields are supplied by the peer. A requester should
/// confirm that each one has exactly one bit set and that the bit was offered
/// in its own NEGOTIATE_ALGORITHMS request before using the selected algorithm.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  UINT16               Length;              // presumably the total message length in bytes - confirm
  UINT8                MeasurementSpecificationSel;
  UINT8                Reserved;
  UINT32               MeasurementHashAlgo; // SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_* bits
  UINT32               BaseAsymSel;
  UINT32               BaseHashSel;
  UINT8                Reserved2[12];
  UINT8                ExtAsymSelCount;     // number of ExtAsymSel entries that follow
  UINT8                ExtHashSelCount;     // number of ExtHashSel entries that follow
  UINT16               Reserved3;
  //
  // Check Length and both counts against the bytes actually received before
  // indexing into either array.
  //
  //UINT32 ExtAsymSel[ExtAsymSelCount];
  //UINT32 ExtHashSel[ExtHashSelCount];
} SPDM_ALGORITHMS_RESPONSE;
167
///
/// SPDM NEGOTIATE_ALGORITHMS response MeasurementHashAlgo
///
/// Bit definitions for SPDM_ALGORITHMS_RESPONSE.MeasurementHashAlgo.
/// BIT0 is RAW_BIT_STREAM_ONLY and the hash algorithms start at BIT1, so these
/// positions are shifted by one relative to SPDM_ALGORITHMS_BASE_HASH_ALGO_*.
///
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_RAW_BIT_STREAM_ONLY  BIT0
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_256      BIT1
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_384      BIT2
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_512      BIT3
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_256     BIT4
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_384     BIT5
#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_512     BIT6
178
///
/// SPDM GET_DIGESTS request
///
/// Consists of the message header only; no payload is declared.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
} SPDM_GET_DIGESTS_REQUEST;
185
///
/// SPDM GET_DIGESTS response
///
/// Only the header is declared; the digest data follows it.
/// Neither the number of digests nor DigestSize is a field of this structure.
/// NOTE(review): presumably the count comes from the header parameters and
/// DigestSize from the negotiated hash algorithm - confirm. Whatever the
/// source, check count * DigestSize against the bytes actually received.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  //UINT8 Digest[DigestSize];
} SPDM_DIGESTS_RESPONSE;
193
///
/// SPDM GET_CERTIFICATE request
///
/// Asks for part of a certificate chain.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  UINT16               Offset;  // presumably the byte offset into the chain - confirm
  UINT16               Length;  // presumably the number of bytes requested - confirm
} SPDM_GET_CERTIFICATE_REQUEST;
202
///
/// SPDM GET_CERTIFICATE response
///
/// Only the fixed part is declared; the certificate chain bytes follow it.
/// Both length fields are supplied by the peer. Before copying, check
/// PortionLength against the bytes actually received and against the Length
/// that was requested, and bound the running total plus RemainderLength by the
/// size of the buffer used to reassemble the chain.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  UINT16               PortionLength;
  UINT16               RemainderLength;
  //UINT8 CertChain[CertChainSize];
} SPDM_CERTIFICATE_RESPONSE;
212
///
/// SPDM CHALLENGE request
///
/// Header followed by a 32-byte nonce.
/// NOTE(review): the nonce is intended to be generated afresh from a
/// cryptographic random source for every request so that a recorded response
/// cannot be replayed; nothing in this header enforces that.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  UINT8                Nonce[32];
} SPDM_CHALLENGE_REQUEST;
220
///
/// SPDM CHALLENGE response
///
/// Only the header is declared. The remaining fields are listed below as
/// commented-out members; their offsets depend on DigestSize, OpaqueLength and
/// KeySize, none of which is a compile-time constant here.
/// OpaqueLength is read from the message itself, so check it, and every
/// derived offset, against the bytes actually received before reading
/// OpaqueData or Signature.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  //UINT8 CertChainHash[DigestSize];
  //UINT8 Nonce[32];
  //UINT8 MeasurementSummaryHash[DigestSize];
  //UINT16 OpaqueLength;
  //UINT8 OpaqueData[OpaqueLength];
  //UINT8 Signature[KeySize];
} SPDM_CHALLENGE_AUTH_RESPONSE;
233
///
/// SPDM GET_MEASUREMENTS request
///
/// Header followed by a 32-byte nonce.
/// NOTE(review): this structure always includes Nonce. Confirm whether the
/// specification sends it only when a signed response is requested; if so,
/// senders must not use sizeof (SPDM_GET_MEASUREMENTS_REQUEST) unconditionally.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  UINT8                Nonce[32];
} SPDM_GET_MEASUREMENTS_REQUEST;
241
///
/// SPDM MEASUREMENTS block common header
///
/// Fixed four-byte prefix of one measurement block; the measurement bytes
/// follow it.
///
typedef struct {
  UINT8   Index;
  UINT8   MeasurementSpecification;  // see SPDM_MEASUREMENT_BLOCK_HEADER_SPECIFICATION_DMTF
  UINT16  MeasurementSize;           // supplied by the peer
  //
  // Check MeasurementSize against the bytes remaining in the enclosing
  // measurement record before reading the measurement.
  //
  //UINT8 Measurement[MeasurementSize];
} SPDM_MEASUREMENT_BLOCK_COMMON_HEADER;
251
//
// Bit value for a MeasurementSpecification field.
// NOTE(review): presumably it selects the DMTF measurement format described by
// SPDM_MEASUREMENT_BLOCK_DMTF_HEADER - confirm.
//
#define SPDM_MEASUREMENT_BLOCK_HEADER_SPECIFICATION_DMTF  BIT0
253
///
/// SPDM MEASUREMENTS block DMTF header
///
/// Three-byte prefix of a DMTF-format measurement; the value bytes follow it.
/// Under the 1-byte packing used in this file the UINT16 size sits at byte
/// offset 1, so it is not naturally aligned.
///
typedef struct {
  UINT8   DMTFSpecMeasurementValueType;  // SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_* value
  UINT16  DMTFSpecMeasurementValueSize;  // supplied by the peer
  //
  // NOTE(review): presumably this header is nested inside the Measurement
  // bytes of SPDM_MEASUREMENT_BLOCK_COMMON_HEADER - confirm. Check that the
  // value size fits inside the enclosing block before reading the value.
  //
  //UINT8 DMTFSpecMeasurementValue[DMTFSpecMeasurementValueSize];
} SPDM_MEASUREMENT_BLOCK_DMTF_HEADER;
262
///
/// SPDM MEASUREMENTS block MeasurementValueType
///
/// Values 0 to 3 are plain numbers naming what was measured; RAW_BIT_STREAM is
/// a separate flag in BIT7.
/// NOTE(review): presumably BIT7 is combined with one of the low values and
/// marks the measurement as raw data rather than a digest - confirm. If so,
/// mask BIT7 off before comparing the type against values 0 to 3.
///
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_IMMUTABLE_ROM           0
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_MUTABLE_FIRMWARE        1
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_HARDWARE_CONFIGURATION  2
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_FIRMWARE_CONFIGURATION  3
#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_RAW_BIT_STREAM          BIT7
271
///
/// SPDM GET_MEASUREMENTS response
///
/// Only the fixed part is declared. The remaining fields are listed below as
/// commented-out members and are all located by lengths taken from the message.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  UINT8                NumberOfBlocks;              // block count, supplied by the peer
  //
  // Three-byte length, so it cannot be read as a native integer.
  // NOTE(review): presumably little-endian - confirm. Assemble it byte by
  // byte and check it against the bytes actually received.
  //
  UINT8                MeasurementRecordLength[3];
  //
  // While walking NumberOfBlocks blocks, check that each block stays inside
  // MeasurementRecordLength. OpaqueLength is also read from the message;
  // check it before reading OpaqueData or Signature.
  //
  //UINT8 MeasurementRecord[MeasurementRecordLength];
  //UINT8 Nonce[32];
  //UINT16 OpaqueLength;
  //UINT8 OpaqueData[OpaqueLength];
  //UINT8 Signature[KeySize];
} SPDM_MEASUREMENTS_RESPONSE;
285
///
/// SPDM ERROR response
///
/// Only the header is declared; the error is carried in the header parameters.
/// The length of ExtendedErrorData is not a field of this structure, so it has
/// to be derived from the size of the received message.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  // Param1 == Error Code
  // Param2 == Error Data
  //UINT8 ExtendedErrorData[];
} SPDM_ERROR_RESPONSE;
295
///
/// SPDM error code
///
/// Values for Header.Param1 of SPDM_ERROR_RESPONSE.
/// The list is not contiguous (0x02 and 0x06, for example, are not defined
/// here). NOTE(review): a receiver should treat any value it does not
/// recognise as a failure rather than ignoring it.
///
#define SPDM_ERROR_CODE_INVALID_REQUEST         0x01
#define SPDM_ERROR_CODE_BUSY                    0x03
#define SPDM_ERROR_CODE_UNEXPECTED_REQUEST      0x04
#define SPDM_ERROR_CODE_UNSPECIFIED             0x05
#define SPDM_ERROR_CODE_UNSUPPORTED_REQUEST     0x07
#define SPDM_ERROR_CODE_MAJOR_VERSION_MISMATCH  0x41
#define SPDM_ERROR_CODE_RESPONSE_NOT_READY      0x42
#define SPDM_ERROR_CODE_REQUEST_RESYNCH         0x43
307
///
/// SPDM RESPOND_IF_READY request (request code SPDM_RESPOND_IF_READY)
///
/// Consists of the message header only; both parameters are used.
/// NOTE(review): presumably RequestCode is the code of the original request
/// and Token is the value returned with SPDM_ERROR_CODE_RESPONSE_NOT_READY -
/// confirm.
///
typedef struct {
  SPDM_MESSAGE_HEADER  Header;
  // Param1 == RequestCode
  // Param2 == Token
} SPDM_RESPONSE_IF_READY_REQUEST;
316
//
// Restore the default structure packing that "#pragma pack(1)" replaced at the
// top of this file, so that headers included afterwards are not affected.
//
#pragma pack()

#endif // __SPDM_H__
320