1 /** @file
2 Definitions of Security Protocol & Data Model Specification (SPDM)
3 version 1.0.0 in Distributed Management Task Force (DMTF).
4
5 Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
7
8 **/
9
10 #ifndef __SPDM_H__
11 #define __SPDM_H__
12
13 #pragma pack(1)
14
15 ///
16 /// SPDM response code
17 ///
18 #define SPDM_DIGESTS 0x01 // response codes have bit 7 clear; 0x01-0x04, 0x60, 0x61 and 0x63 equal the matching request code with bit 7 cleared
19 #define SPDM_CERTIFICATE 0x02
20 #define SPDM_CHALLENGE_AUTH 0x03
21 #define SPDM_VERSION 0x04
22 #define SPDM_MEASUREMENTS 0x60
23 #define SPDM_CAPABILITIES 0x61
24 #define SPDM_SET_CERT_RESPONSE 0x62 // NOTE(review): no matching request code (0xE2) is defined in this file - confirm against the spec revision in use
25 #define SPDM_ALGORITHMS 0x63
26 #define SPDM_ERROR 0x7F // sent as SPDM_ERROR_RESPONSE; the error code travels in Header.Param1
27 ///
28 /// SPDM request code
29 ///
30 #define SPDM_GET_DIGESTS 0x81 // request codes all have bit 7 set
31 #define SPDM_GET_CERTIFICATE 0x82
32 #define SPDM_CHALLENGE 0x83
33 #define SPDM_GET_VERSION 0x84
34 #define SPDM_GET_MEASUREMENTS 0xE0
35 #define SPDM_GET_CAPABILITIES 0xE1
36 #define SPDM_NEGOTIATE_ALGORITHMS 0xE3
37 #define SPDM_RESPOND_IF_READY 0xFF // message layout: SPDM_RESPONSE_IF_READY_REQUEST
38
39 ///
40 /// SPDM message header
41 ///
42 typedef struct { // four single-byte fields; first member of every message struct in this file
43 UINT8 SPDMVersion; // SPDM_MESSAGE_VERSION (0x10) for the messages defined here
44 UINT8 RequestResponseCode; // one of the SPDM_* request or response codes defined above
45 UINT8 Param1; // meaning depends on the message, e.g. the error code in an ERROR response
46 UINT8 Param2; // meaning depends on the message, e.g. the error data in an ERROR response
47 } SPDM_MESSAGE_HEADER;
48
49 #define SPDM_MESSAGE_VERSION 0x10 // value for SPDM_MESSAGE_HEADER.SPDMVersion; presumably major 1 in the high nibble and minor 0 in the low nibble - confirm against the DMTF spec
50
51 ///
52 /// SPDM GET_VERSION request
53 ///
54 typedef struct { // header only; no payload fields are declared
55 SPDM_MESSAGE_HEADER Header;
56 } SPDM_GET_VERSION_REQUEST;
57
58 ///
59 /// SPDM GET_VERSION response
60 ///
61 typedef struct { // fixed part of the VERSION response; the version entries follow it on the wire
62 SPDM_MESSAGE_HEADER Header;
63 UINT8 Reserved;
64 UINT8 VersionNumberEntryCount; // number of SPDM_VERSION_NUMBER entries that follow; NOTE(review): the value comes from the peer, so check sizeof (SPDM_VERSION_RESPONSE) + count * sizeof (SPDM_VERSION_NUMBER) against the bytes actually received before reading entries
65 // SPDM_VERSION_NUMBER VersionNumberEntry[VersionNumberEntryCount];
66 } SPDM_VERSION_RESPONSE;
67
68 ///
69 /// SPDM VERSION structure
70 ///
71 typedef struct { // four 4-bit fields packed into one UINT16; C leaves bit-field allocation order to the implementation, so the nibble positions depend on the compiler - NOTE(review): confirm the layout on every supported toolchain
72 UINT16 Alpha : 4;
73 UINT16 UpdateVersionNumber : 4;
74 UINT16 MinorVersion : 4;
75 UINT16 MajorVersion : 4;
76 } SPDM_VERSION_NUMBER;
77
78 ///
79 /// SPDM GET_CAPABILITIES request
80 ///
81 typedef struct { // header only; no payload fields are declared
82 SPDM_MESSAGE_HEADER Header;
83 } SPDM_GET_CAPABILITIES_REQUEST;
84
85 ///
86 /// SPDM GET_CAPABILITIES response
87 ///
88 typedef struct { // fixed-size message: header plus eight bytes under #pragma pack(1)
89 SPDM_MESSAGE_HEADER Header;
90 UINT8 Reserved;
91 UINT8 CTExponent;
92 UINT16 Reserved2;
93 UINT32 Flags; // bit mask built from the SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_* values
94 } SPDM_CAPABILITIES_RESPONSE;
95
96 ///
97 /// SPDM GET_CAPABILITIES response Flags
98 ///
99 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CACHE_CAP BIT0 // values for SPDM_CAPABILITIES_RESPONSE.Flags
100 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP BIT1
101 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP BIT2
102 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP (BIT3 | BIT4) // mask of a two-bit field, not a single capability bit
103 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_NO_SIG BIT3 // field value under the MEAS_CAP mask
104 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG BIT4 // field value under the MEAS_CAP mask; NOTE(review): compare (Flags & ..._MEAS_CAP) with this value rather than testing the bit alone, so that both bits set is not read as "signed measurements" - confirm against the spec
105 #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_FRESH_CAP BIT5
106
107 ///
108 /// SPDM NEGOTIATE_ALGORITHMS request
109 ///
110 typedef struct { // fixed part of the request; the extended algorithm lists follow it on the wire
111 SPDM_MESSAGE_HEADER Header;
112 UINT16 Length; // presumably the total message length in bytes - confirm against the spec
113 UINT8 MeasurementSpecification;
114 UINT8 Reserved;
115 UINT32 BaseAsymAlgo; // bit mask of SPDM_ALGORITHMS_BASE_ASYM_ALGO_* values
116 UINT32 BaseHashAlgo; // bit mask of SPDM_ALGORITHMS_BASE_HASH_ALGO_* values
117 UINT8 Reserved2[12];
118 UINT8 ExtAsymCount; // number of UINT32 ExtAsym entries that follow the fixed part
119 UINT8 ExtHashCount; // number of UINT32 ExtHash entries that follow the ExtAsym entries; NOTE(review): a receiver should check both counts against the received size before indexing the lists
120 UINT16 Reserved3;
121 // UINT32 ExtAsym[ExtAsymCount];
122 // UINT32 ExtHash[ExtHashCount];
123 } SPDM_NEGOTIATE_ALGORITHMS_REQUEST;
124
125 ///
126 /// SPDM NEGOTIATE_ALGORITHMS request BaseAsymAlgo
127 ///
128 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048 BIT0 // one bit per signature algorithm; used in SPDM_NEGOTIATE_ALGORITHMS_REQUEST.BaseAsymAlgo and presumably in SPDM_ALGORITHMS_RESPONSE.BaseAsymSel - confirm
129 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_2048 BIT1
130 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_3072 BIT2
131 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_3072 BIT3
132 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P256 BIT4
133 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_4096 BIT5
134 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_4096 BIT6
135 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P384 BIT7
136 #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P521 BIT8
137
138 ///
139 /// SPDM NEGOTIATE_ALGORITHMS request BaseHashAlgo
140 ///
141 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_256 BIT0 // one bit per hash algorithm; used in SPDM_NEGOTIATE_ALGORITHMS_REQUEST.BaseHashAlgo and presumably in SPDM_ALGORITHMS_RESPONSE.BaseHashSel - confirm
142 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_384 BIT1
143 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA_512 BIT2
144 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_256 BIT3
145 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_384 BIT4
146 #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_512 BIT5
147
148 ///
149 /// SPDM NEGOTIATE_ALGORITHMS response
150 ///
151 typedef struct { // fixed part of the response; the selected extended algorithms follow it on the wire
152 SPDM_MESSAGE_HEADER Header;
153 UINT16 Length; // presumably the total message length in bytes - confirm against the spec
154 UINT8 MeasurementSpecificationSel;
155 UINT8 Reserved;
156 UINT32 MeasurementHashAlgo; // SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_* value
157 UINT32 BaseAsymSel; // NOTE(review): a requester should confirm that at most one bit is set and that it is a bit it offered in BaseAsymAlgo, so a peer cannot pick an algorithm that was never proposed
158 UINT32 BaseHashSel; // NOTE(review): same check as BaseAsymSel, against the offered BaseHashAlgo
159 UINT8 Reserved2[12];
160 UINT8 ExtAsymSelCount; // number of UINT32 ExtAsymSel entries that follow the fixed part
161 UINT8 ExtHashSelCount; // number of UINT32 ExtHashSel entries that follow; both counts are peer-supplied, so check them against the received size
162 UINT16 Reserved3;
163 // UINT32 ExtAsymSel[ExtAsymSelCount];
164 // UINT32 ExtHashSel[ExtHashSelCount];
165 } SPDM_ALGORITHMS_RESPONSE;
166
167 ///
168 /// SPDM NEGOTIATE_ALGORITHMS response MeasurementHashAlgo
169 ///
170 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_RAW_BIT_STREAM_ONLY BIT0 // by its name, measurements are returned unhashed; note the hash bits here start at BIT1, one position higher than the BASE_HASH_ALGO values
171 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_256 BIT1
172 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_384 BIT2
173 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_512 BIT3
174 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_256 BIT4
175 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_384 BIT5
176 #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_512 BIT6
177
178 ///
179 /// SPDM GET_DIGESTS request
180 ///
181 typedef struct { // header only; no payload fields are declared
182 SPDM_MESSAGE_HEADER Header;
183 } SPDM_GET_DIGESTS_REQUEST;
184
185 ///
186 /// SPDM GET_DIGESTS response
187 ///
188 typedef struct { // only the header is declared; digest bytes follow it on the wire
189 SPDM_MESSAGE_HEADER Header;
190 // UINT8 Digest[DigestSize]; DigestSize is not a field of this message, presumably fixed by the negotiated hash - confirm, and check it against the received size
191 } SPDM_DIGESTS_RESPONSE;
192
193 ///
194 /// SPDM GET_CERTIFICATE request
195 ///
196 typedef struct { // fixed-size request; presumably asks for Length bytes of the certificate chain starting at Offset - confirm against the spec
197 SPDM_MESSAGE_HEADER Header;
198 UINT16 Offset;
199 UINT16 Length;
200 } SPDM_GET_CERTIFICATE_REQUEST;
201
202 ///
203 /// SPDM GET_CERTIFICATE response
204 ///
205 typedef struct { // fixed part of the response; certificate chain bytes follow it on the wire
206 SPDM_MESSAGE_HEADER Header;
207 UINT16 PortionLength; // presumably the number of chain bytes carried in this response - confirm; NOTE(review): peer-supplied, so check it against the received size and the requested Length before copying
208 UINT16 RemainderLength; // presumably the chain bytes still to be fetched - confirm; a reassembly loop should bound the accumulated total rather than trust this value
209 // UINT8 CertChain[CertChainSize];
210 } SPDM_CERTIFICATE_RESPONSE;
211
212 ///
213 /// SPDM CHALLENGE request
214 ///
215 typedef struct { // fixed-size request: header plus a 32-byte nonce
216 SPDM_MESSAGE_HEADER Header;
217 UINT8 Nonce[32]; // NOTE(review): freshness of the challenge presumably rests on this value, so it should be newly generated from a cryptographic random source for every request - confirm in the caller
218 } SPDM_CHALLENGE_REQUEST;
219
220 ///
221 /// SPDM CHALLENGE response
222 ///
223 typedef struct { // only the header is declared; the fields listed in the comments follow on the wire with sizes that are not compile-time constants, so each offset has to be computed and bounds-checked at parse time
224 SPDM_MESSAGE_HEADER Header;
225 // UINT8 CertChainHash[DigestSize];
226 // UINT8 Nonce[32];
227 // UINT8 MeasurementSummaryHash[DigestSize];
228 // UINT16 OpaqueLength; (peer-supplied; check against the remaining bytes before skipping OpaqueData to reach Signature)
229 // UINT8 OpaqueData[OpaqueLength];
230 // UINT8 Signature[KeySize];
231 } SPDM_CHALLENGE_AUTH_RESPONSE;
232
233 ///
234 /// SPDM GET_MEASUREMENTS request
235 ///
236 typedef struct { // header plus a 32-byte nonce
237 SPDM_MESSAGE_HEADER Header;
238 UINT8 Nonce[32]; // NOTE(review): the DMTF spec appears to make the nonce conditional on a signature being requested - confirm that callers size the message accordingly
239 } SPDM_GET_MEASUREMENTS_REQUEST;
240
241 ///
242 /// SPDM MEASUREMENTS block common header
243 ///
244 typedef struct { // four-byte prefix of one measurement block; the measurement bytes follow it
245 UINT8 Index;
246 UINT8 MeasurementSpecification; // SPDM_MEASUREMENT_BLOCK_HEADER_SPECIFICATION_DMTF is the only value defined in this file
247 UINT16 MeasurementSize; // byte count of the Measurement that follows; NOTE(review): peer-supplied, so check it against the bytes left in the measurement record before advancing to the next block
248 // UINT8 Measurement[MeasurementSize];
249 } SPDM_MEASUREMENT_BLOCK_COMMON_HEADER;
250
251 #define SPDM_MEASUREMENT_BLOCK_HEADER_SPECIFICATION_DMTF BIT0 // value for SPDM_MEASUREMENT_BLOCK_COMMON_HEADER.MeasurementSpecification
252
253 ///
254 /// SPDM MEASUREMENTS block DMTF header
255 ///
256 typedef struct { // three-byte prefix of a DMTF-format measurement; presumably carried inside the Measurement bytes of a common-header block - confirm
257 UINT8 DMTFSpecMeasurementValueType; // SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_* value
258 UINT16 DMTFSpecMeasurementValueSize; // sits at byte offset 1 because of #pragma pack(1), so it is not naturally aligned; peer-supplied byte count of the value that follows - check it against the enclosing block size before reading
259 // UINT8 DMTFSpecMeasurementValue[DMTFSpecMeasurementValueSize];
260 } SPDM_MEASUREMENT_BLOCK_DMTF_HEADER;
261
262 ///
263 /// SPDM MEASUREMENTS block MeasurementValueType
264 ///
265 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_IMMUTABLE_ROM 0 // values 0-3 are plain numbers naming what was measured
266 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_MUTABLE_FIRMWARE 1
267 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_HARDWARE_CONFIGURATION 2
268 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_FIRMWARE_CONFIGURATION 3
269 #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_RAW_BIT_STREAM BIT7 // a flag bit, unlike the values above; presumably OR-ed with one of them, so mask it off before comparing the type - confirm against the spec
270
271 ///
272 /// SPDM GET_MEASUREMENTS response
273 ///
274 typedef struct { // fixed part of the response; the fields listed in the comments follow on the wire and must be located and bounds-checked at parse time
275 SPDM_MESSAGE_HEADER Header;
276 UINT8 NumberOfBlocks; // presumably the count of measurement blocks in the record - confirm; NOTE(review): cross-check it against what MeasurementRecordLength can actually hold
277 UINT8 MeasurementRecordLength[3]; // three-byte length of the record that follows; no integer type matches, so assemble it bytewise (byte order presumably little-endian - confirm) and check it against the received size
278 // UINT8 MeasurementRecord[MeasurementRecordLength];
279 // UINT8 Nonce[32];
280 // UINT16 OpaqueLength; (peer-supplied; check against the remaining bytes before skipping OpaqueData to reach Signature)
281 // UINT8 OpaqueData[OpaqueLength];
282 // UINT8 Signature[KeySize];
283 } SPDM_MEASUREMENTS_RESPONSE;
284
285 ///
286 /// SPDM ERROR response
287 ///
288 typedef struct { // only the header is declared; the error is carried in the header parameters
289 SPDM_MESSAGE_HEADER Header;
290 // Param1 == Error Code (SPDM_ERROR_CODE_* value)
291 // Param2 == Error Data
292 // UINT8 ExtendedErrorData[]; (no length field is declared, so its size presumably comes from the received message length - confirm)
293 } SPDM_ERROR_RESPONSE;
294
295 ///
296 /// SPDM error code
297 ///
298 #define SPDM_ERROR_CODE_INVALID_REQUEST 0x01 // values for Header.Param1 of SPDM_ERROR_RESPONSE; the set is not contiguous (0x02 and 0x06 are not defined here), so handle unknown codes explicitly instead of indexing a table
299 #define SPDM_ERROR_CODE_BUSY 0x03
300 #define SPDM_ERROR_CODE_UNEXPECTED_REQUEST 0x04
301 #define SPDM_ERROR_CODE_UNSPECIFIED 0x05
302 #define SPDM_ERROR_CODE_UNSUPPORTED_REQUEST 0x07
303 #define SPDM_ERROR_CODE_MAJOR_VERSION_MISMATCH 0x41
304 #define SPDM_ERROR_CODE_RESPONSE_NOT_READY 0x42
305 #define SPDM_ERROR_CODE_REQUEST_RESYNCH 0x43
306
307 ///
308 /// SPDM RESPOND_IF_READY request
309 ///
310 typedef struct { // header only; sent with request code SPDM_RESPOND_IF_READY, and both inputs travel in the header parameters
311 SPDM_MESSAGE_HEADER Header;
312 // Param1 == RequestCode
313 // Param2 == Token
314 } SPDM_RESPONSE_IF_READY_REQUEST;
315
316 #pragma pack()
317
318 #endif