2 Definitions of Security Protocol & Data Model Specification (SPDM)
3 version 1.0.0 in Distributed Management Task Force (DMTF).
5 Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
16 /// SPDM response code
// Every value in this list has bit 7 clear. The request codes defined further down
// are the same values with bit 7 set (0x01 <-> 0x81, 0x60 <-> 0xE0, 0x63 <-> 0xE3).
// 0x62 is the exception: no 0xE2 request code is defined in this listing.
// Review: a requester should compare the received RequestResponseCode with the one
// expected for its outstanding request and handle SPDM_ERROR (0x7F) as its own case.
18 #define SPDM_DIGESTS 0x01
19 #define SPDM_CERTIFICATE 0x02
20 #define SPDM_CHALLENGE_AUTH 0x03
21 #define SPDM_VERSION 0x04
22 #define SPDM_MEASUREMENTS 0x60
23 #define SPDM_CAPABILITIES 0x61
24 #define SPDM_SET_CERT_RESPONSE 0x62
25 #define SPDM_ALGORITHMS 0x63
26 #define SPDM_ERROR 0x7F
// SPDM request codes. All values have bit 7 set.
// NOTE(review): listing lines 27-29 are not shown on this page; the original heading
// comment for this group is presumably among them.
30 #define SPDM_GET_DIGESTS 0x81
31 #define SPDM_GET_CERTIFICATE 0x82
32 #define SPDM_CHALLENGE 0x83
33 #define SPDM_GET_VERSION 0x84
34 #define SPDM_GET_MEASUREMENTS 0xE0
35 #define SPDM_GET_CAPABILITIES 0xE1
36 #define SPDM_NEGOTIATE_ALGORITHMS 0xE3
37 #define SPDM_RESPOND_IF_READY 0xFF
40 /// SPDM message header
// Common header placed first in every request and response structure in this file.
// NOTE(review): listing lines 41-43 and 45-46 are not shown on this page, so the struct
// has members besides RequestResponseCode. Comments later in this header refer to
// Param1 and Param2, which are presumably among them.
44 UINT8 RequestResponseCode
;
47 } SPDM_MESSAGE_HEADER
;
// NOTE(review): 0x10 presumably encodes SPDM version 1.0 (major in the high nibble,
// minor in the low nibble), matching the "version 1.0.0" in the file banner - confirm.
49 #define SPDM_MESSAGE_VERSION 0x10
52 /// SPDM GET_VERSION request
// The request carries only the common header.
55 SPDM_MESSAGE_HEADER Header
;
56 } SPDM_GET_VERSION_REQUEST
;
59 /// SPDM GET_VERSION response
62 SPDM_MESSAGE_HEADER Header
;
// NOTE(review): listing line 63 is not shown; a member may sit between Header and the count.
64 UINT8 VersionNumberEntryCount
;
// The entry array is not a C member: it follows the fixed part on the wire, and its
// length comes from VersionNumberEntryCount, a value supplied by the responder.
// A parser should check that the received size covers
//   sizeof (SPDM_VERSION_RESPONSE) + VersionNumberEntryCount * sizeof (SPDM_VERSION_NUMBER)
// before it reads any entry.
65 // SPDM_VERSION_NUMBER VersionNumberEntry[VersionNumberEntryCount];
66 } SPDM_VERSION_RESPONSE
;
69 /// SPDM VERSION structure
// One version entry, declared as 4-bit bit-fields of a UINT16. Three fields
// (12 of the 16 bits) are visible here.
// NOTE(review): listing line 72 is not shown and presumably declares the remaining
// 4 bits - confirm.
// C leaves the allocation order of bit-fields to the implementation, so whether these
// fields land on the intended wire bits depends on the compiler; verify for the
// toolchain in use, or extract the nibbles with shifts and masks instead.
73 UINT16 UpdateVersionNumber
: 4;
74 UINT16 MinorVersion
: 4;
75 UINT16 MajorVersion
: 4;
76 } SPDM_VERSION_NUMBER
;
79 /// SPDM GET_CAPABILITIES request
// The request carries only the common header.
82 SPDM_MESSAGE_HEADER Header
;
83 } SPDM_GET_CAPABILITIES_REQUEST
;
86 /// SPDM GET_CAPABILITIES response
89 SPDM_MESSAGE_HEADER Header
;
// NOTE(review): listing lines 90-93 are not shown on this page. The member that the
// SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_* bits apply to is presumably among them.
94 } SPDM_CAPABILITIES_RESPONSE
;
97 /// SPDM GET_CAPABILITIES response Flags
// Bit definitions for the capability flags reported by the responder.
// MEAS_CAP is a two-bit field (mask BIT3 | BIT4); _NO_SIG and _SIG are the two values
// defined for it here, so compare (Flags & ..._MEAS_CAP) with one of them rather than
// testing a single bit, which would also accept the undefined BIT3 | BIT4 combination.
// NOTE(review): going by the names, _MEAS_CAP_NO_SIG means measurements are returned
// without a signature, in which case a verifier cannot authenticate them from the
// response alone - confirm against the specification before relying on them.
99 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CACHE_CAP BIT0
100 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP BIT1
101 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP BIT2
102 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP (BIT3 | BIT4)
103 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_NO_SIG BIT3
104 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG BIT4
105 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_FRESH_CAP BIT5
108 /// SPDM NEGOTIATE_ALGORITHMS request
111 SPDM_MESSAGE_HEADER Header
;
// NOTE(review): listing lines 112 and 114-120 are not shown on this page. The
// ExtAsymCount / ExtHashCount values used below are presumably declared there.
113 UINT8 MeasurementSpecification
;
// The two extended-algorithm arrays are not C members: they follow the fixed part on
// the wire and are sized by ExtAsymCount and ExtHashCount. A responder parsing this
// request should check both counts against the received length before indexing.
121 // UINT32 ExtAsym[ExtAsymCount];
122 // UINT32 ExtHash[ExtHashCount];
123 } SPDM_NEGOTIATE_ALGORITHMS_REQUEST
;
126 /// SPDM NEGOTIATE_ALGORITHMS request BaseAsymAlgo
// Each macro is one bit of a bitmask, so several signature algorithms can be
// advertised at once. BIT8 is used, so the mask does not fit in 8 bits.
// Review: which bits a requester offers is a policy decision; offering only the
// algorithms it is prepared to accept leaves the responder nothing weaker to select.
128 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048 BIT0
129 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_2048 BIT1
130 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_3072 BIT2
131 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_3072 BIT3
132 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256 BIT4
133 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_4096 BIT5
134 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_4096 BIT6
135 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P384 BIT7
136 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P521 BIT8
139 /// SPDM NEGOTIATE_ALGORITHMS request BaseHashAlgo
// One bit per hash algorithm; several may be set in the same mask.
// NOTE(review): the hash chosen from this set presumably fixes the DigestSize used by
// the variable-length digest fields elsewhere in this header - confirm.
141 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256 BIT0
142 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_384 BIT1
143 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_512 BIT2
144 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_256 BIT3
145 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_384 BIT4
146 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_512 BIT5
149 /// SPDM NEGOTIATE_ALGORITHMS response
// Carries the responder's algorithm selections back to the requester.
// NOTE(review): listing lines 153, 155, 157-159 and 162 are not shown on this page,
// so further members exist between the ones visible here.
152 SPDM_MESSAGE_HEADER Header
;
154 UINT8 MeasurementSpecificationSel
;
156 UINT32 MeasurementHashAlgo
;
160 UINT8 ExtAsymSelCount
;
161 UINT8 ExtHashSelCount
;
// The selection arrays are not C members: they follow the fixed part on the wire and
// are sized by ExtAsymSelCount / ExtHashSelCount, both supplied by the responder.
// Check the counts against the received length before indexing.
// Review: a requester should also confirm that every selection is an algorithm it
// offered in its NEGOTIATE_ALGORITHMS request, and reject the response otherwise.
163 // UINT32 ExtAsymSel[ExtAsymSelCount];
164 // UINT32 ExtHashSel[ExtHashSelCount];
165 } SPDM_ALGORITHMS_RESPONSE
;
168 /// SPDM NEGOTIATE_ALGORITHMS response MeasurementHashAlgo
// Bit values for the MeasurementHashAlgo field of SPDM_ALGORITHMS_RESPONSE.
// The bit positions differ from the BaseHashAlgo list: BIT0 is RAW_BIT_STREAM_ONLY
// here, so the SHA entries sit one bit higher. The two sets of macros are not
// interchangeable.
170 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_RAW_BIT_STREAM_ONLY BIT0
171 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_256 BIT1
172 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_384 BIT2
173 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_512 BIT3
174 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_256 BIT4
175 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_384 BIT5
176 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_512 BIT6
179 /// SPDM GET_DIGESTS request
// The request carries only the common header.
182 SPDM_MESSAGE_HEADER Header
;
183 } SPDM_GET_DIGESTS_REQUEST
;
186 /// SPDM GET_DIGESTS response
189 SPDM_MESSAGE_HEADER Header
;
// Digest data follows the header on the wire and is not a C member. DigestSize is
// not a field of this message.
// NOTE(review): DigestSize presumably comes from the negotiated hash algorithm -
// confirm. The receiver has to derive the expected length itself and check it
// against the number of bytes actually received.
190 // UINT8 Digest[DigestSize];
191 } SPDM_DIGESTS_RESPONSE
;
194 /// SPDM GET_CERTIFICATE request
197 SPDM_MESSAGE_HEADER Header
;
// NOTE(review): listing lines 198-199 are not shown on this page; the request has
// members after Header that cannot be seen here.
200 } SPDM_GET_CERTIFICATE_REQUEST
;
203 /// SPDM GET_CERTIFICATE response
206 SPDM_MESSAGE_HEADER Header
;
// Both lengths are 16-bit values taken from the responder's message.
// NOTE(review): presumably PortionLength is the number of CertChain bytes in this
// message and RemainderLength is what is still to be fetched - confirm.
207 UINT16 PortionLength
;
208 UINT16 RemainderLength
;
// CertChain follows the fixed part on the wire and is not a C member.
// Review: check PortionLength against the bytes actually received, cap the total
// size of the reassembled chain before copying into it, and validate the chain
// before trusting any key it contains.
209 // UINT8 CertChain[CertChainSize];
210 } SPDM_CERTIFICATE_RESPONSE
;
213 /// SPDM CHALLENGE request
216 SPDM_MESSAGE_HEADER Header
;
// NOTE(review): listing line 217 is not shown on this page; the request has a member
// after Header that cannot be seen here.
218 } SPDM_CHALLENGE_REQUEST
;
221 /// SPDM CHALLENGE response
224 SPDM_MESSAGE_HEADER Header
;
// Everything after Header is variable-length and has no C member. The field offsets
// depend on DigestSize, OpaqueLength and KeySize, so the parser must compute them.
// OpaqueLength is read from the message itself: bound it by the bytes remaining
// before skipping OpaqueData to locate Signature.
// NOTE(review): listing line 226 is not shown; a field sits between CertChainHash and
// MeasurementSummaryHash.
225 // UINT8 CertChainHash[DigestSize];
227 // UINT8 MeasurementSummaryHash[DigestSize];
228 // UINT16 OpaqueLength;
229 // UINT8 OpaqueData[OpaqueLength];
230 // UINT8 Signature[KeySize];
231 } SPDM_CHALLENGE_AUTH_RESPONSE
;
234 /// SPDM GET_MEASUREMENTS request
237 SPDM_MESSAGE_HEADER Header
;
// NOTE(review): listing line 238 is not shown on this page; the request has a member
// after Header that cannot be seen here.
239 } SPDM_GET_MEASUREMENTS_REQUEST
;
242 /// SPDM MEASUREMENTS block common header
// Header that precedes each measurement inside a measurement record.
// NOTE(review): listing lines 243-245 are not shown on this page; a member may precede
// MeasurementSpecification.
246 UINT8 MeasurementSpecification
;
// MeasurementSize is supplied by the responder and sizes the bytes that follow.
// Check it against the bytes left in the enclosing record before reading or
// advancing to the next block.
247 UINT16 MeasurementSize
;
248 // UINT8 Measurement[MeasurementSize];
249 } SPDM_MEASUREMENT_BLOCK_COMMON_HEADER
;
// Bit value for the MeasurementSpecification field: the block uses the DMTF format.
251 #define SPDM_MEASUREMENT_BLOCK_HEADER_SPECIFICATION_DMTF BIT0
254 /// SPDM MEASUREMENTS block DMTF header
257 UINT8 DMTFSpecMeasurementValueType
;
// DMTFSpecMeasurementValueSize is a second, nested length supplied by the responder.
// NOTE(review): this header presumably sits inside the Measurement bytes of a common
// block header - confirm. If so, this header plus DMTFSpecMeasurementValueSize must
// not exceed the enclosing MeasurementSize, and a parser should reject a mismatch.
258 UINT16 DMTFSpecMeasurementValueSize
;
259 // UINT8 DMTFSpecMeasurementValue[DMTFSpecMeasurementValueSize];
260 } SPDM_MEASUREMENT_BLOCK_DMTF_HEADER
;
263 /// SPDM MEASUREMENTS block MeasurementValueType
// Values 0-3 are enumerated measurement types; RAW_BIT_STREAM is a bit flag (BIT7).
// NOTE(review): the flag is presumably OR-ed with one of the type values in
// DMTFSpecMeasurementValueType - confirm. If so, mask BIT7 off before comparing the
// type, and treat a raw bit stream differently from a digest when verifying it.
265 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_IMMUTABLE_ROM 0
266 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_MUTABLE_FIRMWARE 1
267 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_HARDWARE_CONFIGURATION 2
268 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_FIRMWARE_CONFIGURATION 3
269 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_RAW_BIT_STREAM BIT7
272 /// SPDM GET_MEASUREMENTS response
275 SPDM_MESSAGE_HEADER Header
;
276 UINT8 NumberOfBlocks
;
// The record length is stored as three separate bytes (a 24-bit quantity), so it has
// to be assembled explicitly rather than read as one integer.
// NOTE(review): the byte order is not visible here - presumably little-endian, confirm.
277 UINT8 MeasurementRecordLength
[3];
// The remaining fields are variable-length and have no C member.
// Review: check MeasurementRecordLength against the received size before walking
// the record, stop after NumberOfBlocks blocks or when the record is exhausted, and
// bound OpaqueLength by the bytes remaining before locating Signature.
// NOTE(review): listing line 279 is not shown; a field sits between MeasurementRecord
// and OpaqueLength.
278 // UINT8 MeasurementRecord[MeasurementRecordLength];
280 // UINT16 OpaqueLength;
281 // UINT8 OpaqueData[OpaqueLength];
282 // UINT8 Signature[KeySize];
283 } SPDM_MEASUREMENTS_RESPONSE
;
286 /// SPDM ERROR response
// The error code and error data travel in the header's Param1 and Param2.
289 SPDM_MESSAGE_HEADER Header
;
290 // Param1 == Error Code
291 // Param2 == Error Data
// ExtendedErrorData has no length field in this structure.
// NOTE(review): its size presumably has to be derived from the length of the received
// message - confirm, and do not read past that length.
292 // UINT8 ExtendedErrorData[];
293 } SPDM_ERROR_RESPONSE
;
// SPDM error codes, carried in Param1 of SPDM_ERROR_RESPONSE.
// NOTE(review): listing lines 294-297 are not shown on this page; the original heading
// comment for this group is presumably among them.
// The values are not contiguous (0x02 and 0x06 are absent), so a receiver needs a
// default case for codes that are not listed here.
298 #define SPDM_ERROR_CODE_INVALID_REQUEST 0x01
299 #define SPDM_ERROR_CODE_BUSY 0x03
300 #define SPDM_ERROR_CODE_UNEXPECTED_REQUEST 0x04
301 #define SPDM_ERROR_CODE_UNSPECIFIED 0x05
302 #define SPDM_ERROR_CODE_UNSUPPORTED_REQUEST 0x07
303 #define SPDM_ERROR_CODE_MAJOR_VERSION_MISMATCH 0x41
304 #define SPDM_ERROR_CODE_RESPONSE_NOT_READY 0x42
305 #define SPDM_ERROR_CODE_REQUEST_RESYNCH 0x43
308 /// SPDM RESPOND_IF_READY request
// Request sent with code SPDM_RESPOND_IF_READY (0xFF). The struct type keeps the
// RESPONSE_IF_READY spelling.
311 SPDM_MESSAGE_HEADER Header
;
312 // Param1 == RequestCode
// NOTE(review): listing line 313 is not shown on this page; it presumably documents
// Param2 - confirm.
314 } SPDM_RESPONSE_IF_READY_REQUEST
;