From: "Wenxing Hou"
To: devel@edk2.groups.io
Cc: Michael D Kinney, Liming Gao, Zhiguang Liu, Jiewen Yao
Subject: [edk2-devel] [PATCH 1/9] MdePkg: Add SPDM1.2 support.
Date: Tue, 2 Apr 2024 10:31:17 +0800
Message-Id: <20240402023125.4168-2-wenxing.hou@intel.com>
In-Reply-To: <20240402023125.4168-1-wenxing.hou@intel.com>
References: <20240402023125.4168-1-wenxing.hou@intel.com>
Content-Transfer-Encoding: quoted-printable

Update Spdm.h to support 1.2 new features, such as: Authentication and measurement. It will be used in DeviceSecurity. The DeviceSecurity feature is from TCG PC Client Platform Firmware Profile Specification 1.06.

Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
 MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++++++++++++++++++++++--
 1 file changed, 1061 insertions(+), 49 deletions(-)

diff --git a/MdePkg/Include/IndustryStandard/Spdm.h b/MdePkg/Include/Indust= ryStandard/Spdm.h index 4ec7a5ed1f..7940caa95e 100644 --- a/MdePkg/Include/IndustryStandard/Spdm.h +++ b/MdePkg/Include/IndustryStandard/Spdm.h 
@@ -1,8 +1,8 @@ /** @file=0D - Definitions of Security Protocol & Data Model Specification (SPDM)=0D - version 1.0.0 in Distributed Management Task Force (DMTF).=0D + Definitions of DSP0274 Security Protocol & Data Model Specification (SPD= M)=0D + version 1.2.0 in Distributed Management Task Force (DMTF).=0D =0D -Copyright (c) 2019, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2019 - 2024, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D 
@@ -12,29 +12,72 @@ SPDX-License-Identifier: BSD-2-Clause-Patent =0D #pragma pack(1)=0D =0D +#define SPDM_MAX_SLOT_COUNT 8=0D +#define SPDM_MAX_OPAQUE_DATA_SIZE 1024=0D +#define SPDM_NONCE_SIZE 32=0D +#define SPDM_RANDOM_DATA_SIZE 32=0D ///=0D -/// SPDM response code=0D +/// SPDM response code (1.0)=0D ///=0D -#define SPDM_DIGESTS 0x01=0D -#define SPDM_CERTIFICATE 0x02=0D -#define SPDM_CHALLENGE_AUTH 0x03=0D -#define SPDM_VERSION 0x04=0D -#define SPDM_MEASUREMENTS 0x60=0D -#define SPDM_CAPABILITIES 0x61=0D -#define SPDM_SET_CERT_RESPONSE 0x62=0D -#define SPDM_ALGORITHMS 0x63=0D -#define SPDM_ERROR 0x7F=0D +#define SPDM_DIGESTS 0x01=0D +#define SPDM_CERTIFICATE 0x02=0D +#define SPDM_CHALLENGE_AUTH 0x03=0D +#define SPDM_VERSION 0x04=0D +#define SPDM_MEASUREMENTS 0x60=0D +#define SPDM_CAPABILITIES 0x61=0D +#define SPDM_ALGORITHMS 0x63=0D +#define SPDM_VENDOR_DEFINED_RESPONSE 0x7E=0D +#define SPDM_ERROR 0x7F=0D ///=0D -/// SPDM request code=0D +/// SPDM response code (1.1)=0D ///=0D -#define SPDM_GET_DIGESTS 0x81=0D -#define SPDM_GET_CERTIFICATE 0x82=0D -#define SPDM_CHALLENGE 0x83=0D -#define SPDM_GET_VERSION 0x84=0D -#define SPDM_GET_MEASUREMENTS 0xE0=0D -#define SPDM_GET_CAPABILITIES 0xE1=0D -#define SPDM_NEGOTIATE_ALGORITHMS 0xE3=0D -#define SPDM_RESPOND_IF_READY 0xFF=0D +#define SPDM_KEY_EXCHANGE_RSP 0x64=0D +#define SPDM_FINISH_RSP 0x65=0D +#define SPDM_PSK_EXCHANGE_RSP 0x66=0D +#define SPDM_PSK_FINISH_RSP 0x67=0D +#define SPDM_HEARTBEAT_ACK 0x68=0D +#define SPDM_KEY_UPDATE_ACK 0x69=0D +#define SPDM_ENCAPSULATED_REQUEST 0x6A=0D +#define SPDM_ENCAPSULATED_RESPONSE_ACK 0x6B=0D +#define SPDM_END_SESSION_ACK 0x6C=0D +///=0D +/// SPDM response code (1.2)=0D +///=0D +#define SPDM_CSR 0x6D=0D +#define SPDM_SET_CERTIFICATE_RSP 0x6E=0D +#define SPDM_CHUNK_SEND_ACK 0x05=0D +#define SPDM_CHUNK_RESPONSE 0x06=0D +///=0D +/// SPDM request code (1.0)=0D +///=0D +#define SPDM_GET_DIGESTS 0x81=0D +#define SPDM_GET_CERTIFICATE 0x82=0D +#define SPDM_CHALLENGE 0x83=0D +#define 
SPDM_GET_VERSION 0x84=0D +#define SPDM_GET_MEASUREMENTS 0xE0=0D +#define SPDM_GET_CAPABILITIES 0xE1=0D +#define SPDM_NEGOTIATE_ALGORITHMS 0xE3=0D +#define SPDM_VENDOR_DEFINED_REQUEST 0xFE=0D +#define SPDM_RESPOND_IF_READY 0xFF=0D +///=0D +/// SPDM request code (1.1)=0D +///=0D +#define SPDM_KEY_EXCHANGE 0xE4=0D +#define SPDM_FINISH 0xE5=0D +#define SPDM_PSK_EXCHANGE 0xE6=0D +#define SPDM_PSK_FINISH 0xE7=0D +#define SPDM_HEARTBEAT 0xE8=0D +#define SPDM_KEY_UPDATE 0xE9=0D +#define SPDM_GET_ENCAPSULATED_REQUEST 0xEA=0D +#define SPDM_DELIVER_ENCAPSULATED_RESPONSE 0xEB=0D +#define SPDM_END_SESSION 0xEC=0D +///=0D +/// SPDM request code (1.2)=0D +///=0D +#define SPDM_GET_CSR 0xED=0D +#define SPDM_SET_CERTIFICATE 0xEE=0D +#define SPDM_CHUNK_SEND 0x85=0D +#define SPDM_CHUNK_GET 0x86=0D =0D ///=0D /// SPDM message header=0D @@ -46,13 +89,18 @@ typedef struct { UINT8 Param2;=0D } SPDM_MESSAGE_HEADER;=0D =0D -#define SPDM_MESSAGE_VERSION 0x10=0D +#define SPDM_MESSAGE_VERSION_10 0x10=0D +#define SPDM_MESSAGE_VERSION_11 0x11=0D +#define SPDM_MESSAGE_VERSION_12 0x12=0D +#define SPDM_MESSAGE_VERSION SPDM_MESSAGE_VERSION_10=0D =0D ///=0D /// SPDM GET_VERSION request=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D } SPDM_GET_VERSION_REQUEST;=0D =0D ///=0D @@ -60,6 +108,8 @@ typedef struct { ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D UINT8 Reserved;=0D UINT8 VersionNumberEntryCount;=0D // SPDM_VERSION_NUMBER VersionNumberEntry[VersionNumberEntryCount];=0D 
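Review bot: `SPDM_SET_CERT_RESPONSE` (0x62) is removed from the 1.0 response-code list at the top of this region with no alias left behind, while the new 1.2 block defines `SPDM_SET_CERTIFICATE_RSP` as 0x6E. Any existing user of the old name stops building, and the commit message does not mention the removal; please either keep a deprecated alias or state in the commit message why 0x62 is dropped. Smaller point: the 1.2 chunk codes (0x05, 0x06, 0x85, 0x86) are listed after 0x6D/0x6E and 0xED/0xEE, and ordering each block by value would make it easier to audit for collisions when the next codes are added.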
@@ -68,18 +118,32 @@ typedef struct { ///=0D /// SPDM VERSION structure=0D ///=0D -typedef struct {=0D - UINT16 Alpha : 4;=0D - UINT16 UpdateVersionNumber : 4;=0D - UINT16 MinorVersion : 4;=0D - UINT16 MajorVersion : 4;=0D -} SPDM_VERSION_NUMBER;=0D +/// bit[15:12] major_version=0D +/// bit[11:8] minor_version=0D +/// bit[7:4] update_version_number=0D +/// bit[3:0] alpha=0D +typedef UINT16 SPDM_VERSION_NUMBER;=0D +#define SPDM_VERSION_NUMBER_SHIFT_BIT 8=0D =0D +#define SPDM_VERSION_1_2_SIGNING_PREFIX_CONTEXT "dmtf-spdm-v1.2.*"=0D +#define SPDM_VERSION_1_2_SIGNING_PREFIX_CONTEXT_SIZE \=0D + (sizeof(SPDM_VERSION_1_2_SIGNING_PREFIX_CONTEXT) - 1)=0D +#define SPDM_VERSION_1_2_SIGNING_CONTEXT_SIZE 100=0D ///=0D /// SPDM GET_CAPABILITIES request=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D + // Below field is added in 1.1.=0D + UINT8 Reserved;=0D + UINT8 CTExponent;=0D + UINT16 Reserved2;=0D + UINT32 Flags;=0D + // Below field is added in 1.2.=0D + UINT32 DataTransferSize;=0D + UINT32 MaxSpdmMsgSize;=0D } SPDM_GET_CAPABILITIES_REQUEST;=0D =0D ///=0D 
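Review bot: The fields appended to `SPDM_GET_CAPABILITIES_REQUEST` under "added in 1.1" and "added in 1.2" change `sizeof (SPDM_GET_CAPABILITIES_REQUEST)` from 4 to 20 bytes under `#pragma pack(1)`, so any caller that sizes a 1.0 or 1.1 request with `sizeof` will now send or expect trailing bytes the negotiated version does not define. Please document the per-version message size next to the struct (or add size macros per version) so senders and length checks key off the negotiated version rather than the struct size. Separately, `SPDM_VERSION_NUMBER` changes from a bit-field struct to `UINT16`, which breaks source that reads `.MajorVersion` or `.MinorVersion`, and `SPDM_VERSION_NUMBER_SHIFT_BIT 8` has no comment saying that the shifted value is the major/minor byte comparable to `SPDM_MESSAGE_VERSION_1x`.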
@@ -87,14 +151,58 @@ typedef struct { ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D UINT8 Reserved;=0D UINT8 CTExponent;=0D UINT16 Reserved2;=0D UINT32 Flags;=0D + // Below field is added in 1.2.=0D + UINT32 DataTransferSize;=0D + UINT32 MaxSpdmMsgSize;=0D } SPDM_CAPABILITIES_RESPONSE;=0D =0D +#define SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12 42=0D +=0D +///=0D +/// SPDM GET_CAPABILITIES request Flags (1.1)=0D +///=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CERT_CAP BI= T1=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHAL_CAP BI= T2=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP BI= T6=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP BI= T7=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP BI= T8=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP BI= T9=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP (B= IT10 | BIT11)=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP_REQUESTER BI= T10=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP BI= T12=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HBEAT_CAP BI= T13=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_UPD_CAP BI= T14=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP BI= T15=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP BI= T16=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_11_MASK (\= =0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CERT_CAP | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHAL_CAP | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCRYPT_CAP | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MAC_CAP | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_EX_CAP | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PSK_CAP | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HBEAT_CAP | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_KEY_UPD_CAP | \=0D + 
SPDM_GET_CAPABILITIES_REQUEST_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP | \= =0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_PUB_KEY_ID_CAP)=0D +=0D +///=0D +/// SPDM GET_CAPABILITIES request Flags (1.2)=0D ///=0D -/// SPDM GET_CAPABILITIES response Flags=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHUNK_CAP BIT17=0D +#define SPDM_GET_CAPABILITIES_REQUEST_FLAGS_12_MASK (\=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_11_MASK | \=0D + SPDM_GET_CAPABILITIES_REQUEST_FLAGS_CHUNK_CAP)=0D +///=0D +/// SPDM GET_CAPABILITIES response Flags (1.0)=0D ///=0D #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CACHE_CAP BIT0=0D #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP BIT1=0D 
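Review bot: `SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12 42` is introduced right after `SPDM_CAPABILITIES_RESPONSE` with no comment on where 42 comes from or which field it bounds. A one-line `///` comment tying it to the new `DataTransferSize` field (and to `MaxSpdmMsgSize` if the same floor applies) would tell implementers that this is the value to validate a peer's advertised size against. The same `sizeof` concern as the request applies here: `DataTransferSize` and `MaxSpdmMsgSize` are appended to `SPDM_CAPABILITIES_RESPONSE`, so a length check written as `sizeof (SPDM_CAPABILITIES_RESPONSE)` now rejects valid 1.0/1.1 responses.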
@@ -103,27 +211,118 @@ typedef struct { #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_NO_SIG BIT3=0D #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP_SIG BIT4=0D #define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_FRESH_CAP BIT5=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_10_MASK (\=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CACHE_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_FRESH_CAP)=0D +///=0D +/// SPDM GET_CAPABILITIES response Flags (1.1)=0D +///=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP = BIT6=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP = BIT7=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP = BIT8=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP = BIT9=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP = (BIT10 | BIT11)=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP_RESPONDER = BIT10=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP_RESPONDER_WITH_CONTEX= T BIT11=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP = BIT12=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HBEAT_CAP = BIT13=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_UPD_CAP = BIT14=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP = BIT15=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP = BIT16=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_11_MASK = (\=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_10_MASK | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCRYPT_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MAC_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP | \=0D + 
SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HBEAT_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_UPD_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_HANDSHAKE_IN_THE_CLEAR_CAP | = \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PUB_KEY_ID_CAP)=0D +///=0D +/// SPDM GET_CAPABILITIES response Flags (1.2)=0D +///=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHUNK_CAP BIT17=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ALIAS_CERT_CAP BIT18=0D =0D +///=0D +/// SPDM GET_CAPABILITIES response Flags (1.2.1)=0D +///=0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP BIT19= =0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CSR_CAP BIT20= =0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_INSTALL_RESET_CAP BIT21= =0D +#define SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_12_MASK (\=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_11_MASK | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHUNK_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ALIAS_CERT_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_CERT_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CSR_CAP | \=0D + SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_INSTALL_RESET_CAP)=0D ///=0D /// SPDM NEGOTIATE_ALGORITHMS request=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D Number of Algorithms Structure Tables=0D + // Param2 =3D=3D RSVD=0D UINT16 Length;=0D UINT8 MeasurementSpecification;=0D - UINT8 Reserved;=0D +=0D + // OtherParamsSupport is added in 1.2.=0D + // BIT[0:3]=3Dopaque_data_format support=0D + // BIT[4:7]=3DReserved=0D + UINT8 OtherParamsSupport;=0D UINT32 BaseAsymAlgo;=0D UINT32 BaseHashAlgo;=0D UINT8 Reserved2[12];=0D UINT8 ExtAsymCount;=0D UINT8 ExtHashCount;=0D UINT16 Reserved3;=0D - // UINT32 ExtAsym[ExtAsymCount];=0D - // UINT32 ExtHash[ExtHashCount];=0D + // SPDM_EXTENDED_ALGORITHM ExtAsym[ExtAsymCount];=0D + // SPDM_EXTENDED_ALGORITHM ExtHash[ExtHashCount];=0D + // Below field is added in 1.1.=0D + // SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE AlgStruct[Param1];=0D } 
SPDM_NEGOTIATE_ALGORITHMS_REQUEST;=0D =0D +#define SPDM_NEGOTIATE_ALGORITHMS_REQUEST_MAX_LENGTH_VERSION_10 BI= T6=0D +#define SPDM_NEGOTIATE_ALGORITHMS_REQUEST_MAX_LENGTH_VERSION_11 BI= T7=0D +#define SPDM_NEGOTIATE_ALGORITHMS_REQUEST_MAX_LENGTH_VERSION_12 BI= T7=0D +#define SPDM_NEGOTIATE_ALGORITHMS_REQUEST_MAX_EXT_ALG_COUNT_VERSION_10 BI= T3=0D +#define SPDM_NEGOTIATE_ALGORITHMS_REQUEST_MAX_EXT_ALG_COUNT_VERSION_11 (B= IT4 | BIT2)=0D +#define SPDM_NEGOTIATE_ALGORITHMS_REQUEST_MAX_EXT_ALG_COUNT_VERSION_12 (B= IT4 | BIT2)=0D +=0D +typedef struct {=0D + UINT8 AlgType;=0D + UINT8 AlgCount; // BIT[0:3]=3DExtAlgCount, BIT[4:7]=3DFix= edAlgByteCount=0D + // UINT8 AlgSupported[FixedAlgByteCount];=0D + // UINT32 AlgExternal[ExtAlgCount];=0D +} SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE;=0D +=0D +typedef struct {=0D + UINT8 ExtAlgCount : 4;=0D + UINT8 FixedAlgByteCount : 4;=0D +} SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_COUNT;=0D +=0D +#define SPDM_NEGOTIATE_ALGORITHMS_MAX_NUM_STRUCT_TABLE_ALG 4=0D +=0D +#define SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_DHE = 2=0D +#define SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_AEAD = 3=0D +#define SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_REQ_BASE_ASYM_ALG = 4=0D +#define SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_TYPE_KEY_SCHEDULE = 5=0D +=0D +typedef struct {=0D + UINT8 AlgType;=0D + UINT8 AlgCount;=0D + UINT16 AlgSupported;=0D +} SPDM_NEGOTIATE_ALGORITHMS_COMMON_STRUCT_TABLE;=0D +=0D ///=0D -/// SPDM NEGOTIATE_ALGORITHMS request BaseAsymAlgo=0D +/// SPDM NEGOTIATE_ALGORITHMS request BaseAsymAlgo/REQ_BASE_ASYM_ALG=0D ///=0D #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSASSA_2048 BIT0=0D #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_RSAPSS_2048 BIT1=0D 
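Review bot: The `SPDM_NEGOTIATE_ALGORITHMS_REQUEST_MAX_LENGTH_VERSION_*` and `..._MAX_EXT_ALG_COUNT_VERSION_*` limits are numeric bounds but are written as bit flags (`BIT6`, `BIT7`, `BIT3`, `(BIT4 | BIT2)`). A reader has to decode `(BIT4 | BIT2)` to learn the limit is 20; please write them as 64, 128, 8 and 20 so that the bounds checks built on them are reviewable at a glance. In the same region, `AlgCount` is described both by the inline comment on `SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE` and by the bit-field struct `SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE_ALG_COUNT`; since bit-field ordering is compiler-defined, masks and shifts would be a safer single definition for a wire format.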
@@ -135,6 +334,13 @@ typedef struct { #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P384 BIT7=0D #define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_ECDSA_ECC_NIST_P521 BIT8=0D =0D +///=0D +/// SPDM NEGOTIATE_ALGORITHMS request base_asym_algo/REQ_BASE_ASYM_ALG (1.= 2)=0D +///=0D +#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_TPM_ALG_SM2_ECC_SM2_P256 BIT9=0D +#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_EDDSA_ED25519 BIT10=0D +#define SPDM_ALGORITHMS_BASE_ASYM_ALGO_EDDSA_ED448 BIT11=0D +=0D ///=0D /// SPDM NEGOTIATE_ALGORITHMS request BaseHashAlgo=0D ///=0D 
@@ -145,14 +351,56 @@ typedef struct { #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_384 BIT4=0D #define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SHA3_512 BIT5=0D =0D +///=0D +/// SPDM NEGOTIATE_ALGORITHMS request base_hash_algo (1.2)=0D +///=0D +#define SPDM_ALGORITHMS_BASE_HASH_ALGO_TPM_ALG_SM3_256 BIT6=0D +=0D +///=0D +/// SPDM NEGOTIATE_ALGORITHMS request DHE=0D +///=0D +#define SPDM_ALGORITHMS_DHE_NAMED_GROUP_FFDHE_2048 BIT0=0D +#define SPDM_ALGORITHMS_DHE_NAMED_GROUP_FFDHE_3072 BIT1=0D +#define SPDM_ALGORITHMS_DHE_NAMED_GROUP_FFDHE_4096 BIT2=0D +#define SPDM_ALGORITHMS_DHE_NAMED_GROUP_SECP_256_R1 BIT3=0D +#define SPDM_ALGORITHMS_DHE_NAMED_GROUP_SECP_384_R1 BIT4=0D +#define SPDM_ALGORITHMS_DHE_NAMED_GROUP_SECP_521_R1 BIT5=0D +=0D +///=0D +/// SPDM NEGOTIATE_ALGORITHMS request DHE (1.2)=0D +///=0D +#define SPDM_ALGORITHMS_DHE_NAMED_GROUP_SM2_P256 BIT6=0D +=0D +///=0D +/// SPDM NEGOTIATE_ALGORITHMS request AEAD=0D +///=0D +#define SPDM_ALGORITHMS_AEAD_CIPHER_SUITE_AES_128_GCM BIT0=0D +#define SPDM_ALGORITHMS_AEAD_CIPHER_SUITE_AES_256_GCM BIT1=0D +#define SPDM_ALGORITHMS_AEAD_CIPHER_SUITE_CHACHA20_POLY1305 BIT2=0D +=0D +///=0D +/// SPDM NEGOTIATE_ALGORITHMS request AEAD (1.2)=0D +///=0D +#define SPDM_ALGORITHMS_AEAD_CIPHER_SUITE_AEAD_SM4_GCM BIT3=0D +///=0D +/// SPDM NEGOTIATE_ALGORITHMS request KEY_SCHEDULE=0D +///=0D +#define SPDM_ALGORITHMS_KEY_SCHEDULE_HMAC_HASH BIT0=0D +=0D ///=0D /// SPDM NEGOTIATE_ALGORITHMS response=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D Number of Algorithms Structure Tables=0D + // Param2 =3D=3D RSVD=0D UINT16 Length;=0D UINT8 MeasurementSpecificationSel;=0D - UINT8 Reserved;=0D +=0D + // OtherParamsSelection is added in 1.2.=0D + // BIT[0:3]=3Dopaque_data_format select,=0D + // BIT[4:7]=3DReserved=0D + UINT8 OtherParamsSelection;=0D UINT32 MeasurementHashAlgo;=0D UINT32 BaseAsymSel;=0D UINT32 BaseHashSel;=0D 
@@ -160,8 +408,10 @@ typedef struct { UINT8 ExtAsymSelCount;=0D UINT8 ExtHashSelCount;=0D UINT16 Reserved3;=0D - // UINT32 ExtAsymSel[ExtAsymSelCount];=0D - // UINT32 ExtHashSel[ExtHashSelCount];=0D + // SPDM_EXTENDED_ALGORITHM ExtAsymSel[ExtAsymSelCount];= =0D + // SPDM_EXTENDED_ALGORITHM ExtHashSel[ExtHashSelCount];= =0D + // Below field is added in 1.1.=0D + // SPDM_NEGOTIATE_ALGORITHMS_STRUCT_TABLE AlgStruct[Param1];=0D } SPDM_ALGORITHMS_RESPONSE;=0D =0D ///=0D 
@@ -175,11 +425,57 @@ typedef struct { #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_384 BIT5=0D #define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_512 BIT6=0D =0D +///=0D +/// SPDM NEGOTIATE_ALGORITHMS response measurement_hash_algo (1.2)=0D +///=0D +#define SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SM3_256 BIT7=0D +=0D +///=0D +/// SPDM Opaque Data Format (1.2)=0D +///=0D +#define SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_NONE 0x0=0D +#define SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_0 0x1=0D +#define SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_1 0x2=0D +#define SPDM_ALGORITHMS_OPAQUE_DATA_FORMAT_MASK 0xF=0D +=0D +///=0D +/// SPDM Opaque Data Format 1 (1.2)=0D +///=0D +typedef struct {=0D + UINT8 TotalElements;=0D + UINT8 Reserved[3];=0D + // opaque_element_table_t opaque_list[];=0D +} SPDM_GENERAL_OPAQUE_DATA_TABLE_HEADER;=0D +=0D +///=0D +/// SPDM extended algorithm=0D +///=0D +typedef struct {=0D + UINT8 RegistryID;=0D + UINT8 Reserved;=0D + UINT16 AlgorithmID;=0D +} SPDM_EXTENDED_ALGORITHM;=0D +=0D +///=0D +/// SPDM RegistryID=0D +///=0D +#define SPDM_REGISTRY_ID_DMTF 0=0D +#define SPDM_REGISTRY_ID_TCG 1=0D +#define SPDM_REGISTRY_ID_USB 2=0D +#define SPDM_REGISTRY_ID_PCISIG 3=0D +#define SPDM_REGISTRY_ID_IANA 4=0D +#define SPDM_REGISTRY_ID_HDBASET 5=0D +#define SPDM_REGISTRY_ID_MIPI 6=0D +#define SPDM_REGISTRY_ID_CXL 7=0D +#define SPDM_REGISTRY_ID_JEDEC 8=0D +=0D ///=0D /// SPDM GET_DIGESTS request=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D } SPDM_GET_DIGESTS_REQUEST;=0D =0D ///=0D 
@@ -187,33 +483,69 @@ typedef struct { ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D - // UINT8 Digest[DigestSize];=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D SlotMask=0D + // UINT8 Digest[DigestSize][SlotCount];=0D } SPDM_DIGESTS_RESPONSE;=0D =0D ///=0D -/// SPDM GET_DIGESTS request=0D +/// SPDM GET_CERTIFICATE request=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D SlotNum=0D + // Param2 =3D=3D RSVD=0D UINT16 Offset;=0D UINT16 Length;=0D } SPDM_GET_CERTIFICATE_REQUEST;=0D =0D +#define SPDM_GET_CERTIFICATE_REQUEST_SLOT_ID_MASK 0xF=0D ///=0D -/// SPDM GET_DIGESTS response=0D +/// SPDM GET_CERTIFICATE response=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D SlotNum=0D + // Param2 =3D=3D RSVD=0D UINT16 PortionLength;=0D UINT16 RemainderLength;=0D - // UINT8 CertChain[CertChainSize];=0D + // UINT8 CertChain[PortionLength];=0D } SPDM_CERTIFICATE_RESPONSE;=0D =0D +#define SPDM_CERTIFICATE_RESPONSE_SLOT_ID_MASK 0xF=0D +=0D +typedef struct {=0D + //=0D + // Total length of the certificate chain, in bytes,=0D + // including all fields in this table.=0D + //=0D + UINT16 Length;=0D + UINT16 Reserved;=0D + //=0D + // Digest of the Root Certificate.=0D + // Note that Root Certificate is ASN.1 DER-encoded for this digest.=0D + // The hash size is determined by the SPDM device.=0D + //=0D + // UINT8 RootHash[HashSize];=0D + //=0D + // One or more ASN.1 DER-encoded X509v3 certificates where the first cer= tificate is signed by the Root=0D + // Certificate or is the Root Certificate itself and each subsequent cer= tificate is signed by the preceding=0D + // certificate. 
The last certificate is the Leaf Certificate.=0D + //=0D + // UINT8 Certificates[Length - 4 - HashSize];=0D +} SPDM_CERT_CHAIN;=0D +=0D +///=0D +/// Maximum size, in bytes, of a certificate chain.=0D +///=0D +#define SPDM_MAX_CERTIFICATE_CHAIN_SIZE 65535=0D ///=0D /// SPDM CHALLENGE request=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D SlotNum=0D + // Param2 =3D=3D HashType=0D UINT8 Nonce[32];=0D } SPDM_CHALLENGE_REQUEST;=0D =0D @@ -222,6 +554,8 @@ typedef struct { ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D ResponseAttribute=0D + // Param2 =3D=3D SlotMask=0D // UINT8 CertChainHash[DigestSize];=0D // UINT8 Nonce[32];=0D // UINT8 MeasurementSummaryHash[DigestSize];=0D 
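Review bot: The layout comment added to `SPDM_DIGESTS_RESPONSE`, `// UINT8 Digest[DigestSize][SlotCount];`, has the dimensions reversed for C array notation: it reads as DigestSize rows of SlotCount bytes, whereas the payload is one DigestSize-byte digest per slot set in `SlotMask`, i.e. `Digest[SlotCount][DigestSize]`. In `SPDM_CERT_CHAIN`, the comment `Certificates[Length - 4 - HashSize]` would also benefit from stating that `Length` must be at least `4 + HashSize`, because a parser that follows the comment literally with an unchecked `UINT16 Length` will underflow on a short chain.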
@@ -230,14 +564,75 @@ typedef struct { // UINT8 Signature[KeySize];=0D } SPDM_CHALLENGE_AUTH_RESPONSE;=0D =0D +///=0D +/// SPDM generic request measurement summary HashType=0D +///=0D +#define SPDM_REQUEST_NO_MEASUREMENT_SUMMARY_HASH 0=0D +#define SPDM_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH 1=0D +#define SPDM_REQUEST_ALL_MEASUREMENTS_HASH 0xFF=0D +=0D +///=0D +/// SPDM CHALLENGE request measurement summary HashType=0D +///=0D +#define SPDM_CHALLENGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH SPDM_REQUEST_N= O_MEASUREMENT_SUMMARY_HASH=0D +#define SPDM_CHALLENGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH \=0D + SPDM_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH=0D +#define SPDM_CHALLENGE_REQUEST_ALL_MEASUREMENTS_HASH SPDM_REQUEST_ALL_MEA= SUREMENTS_HASH=0D +=0D +#define SPDM_CHALLENGE_AUTH_RESPONSE_ATTRIBUTE_SLOT_ID_MASK 0xF=0D +=0D +typedef struct {=0D + UINT8 SlotNum : 4;=0D + UINT8 Reserved : 3;=0D + UINT8 BasicMutAuthReq : 1;=0D +} SPDM_CHALLENGE_AUTH_RESPONSE_ATTRIBUTE;=0D +=0D +///=0D +/// Deprecated in SPDM 1.2=0D +///=0D +#define SPDM_CHALLENGE_AUTH_RESPONSE_ATTRIBUTE_BASIC_MUT_AUTH_REQ BIT7=0D +=0D +#define SPDM_CHALLENGE_AUTH_SIGN_CONTEXT "responder-challenge_au= th signing"=0D +#define SPDM_CHALLENGE_AUTH_SIGN_CONTEXT_SIZE (sizeof(SPDM_CHALLENGE_= AUTH_SIGN_CONTEXT) - 1)=0D +#define SPDM_MUT_CHALLENGE_AUTH_SIGN_CONTEXT "requester-challenge_au= th signing"=0D +#define SPDM_MUT_CHALLENGE_AUTH_SIGN_CONTEXT_SIZE (sizeof(SPDM_MUT_CHALLE= NGE_AUTH_SIGN_CONTEXT) - 1)=0D +=0D ///=0D /// SPDM GET_MEASUREMENTS request=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D Attributes=0D + // Param2 =3D=3D MeasurementOperation=0D UINT8 Nonce[32];=0D + // Below field is added in 1.1.=0D + UINT8 SlotIDParam; // BIT[0:3]=3DSlotNum, BIT[4:7]=3DRe= served=0D } SPDM_GET_MEASUREMENTS_REQUEST;=0D =0D +typedef struct {=0D + UINT8 SlotNum : 4;=0D + UINT8 Reserved : 4;=0D +} SPDM_GET_MEASUREMENTS_REQUEST_SLOT_ID_PARAMETER;=0D +=0D +#define 
SPDM_GET_MEASUREMENTS_REQUEST_SLOT_ID_MASK 0xF=0D +=0D +///=0D +/// SPDM GET_MEASUREMENTS request Attributes=0D +///=0D +#define SPDM_GET_MEASUREMENTS_REQUEST_ATTRIBUTES_GENERATE_SIGNATURE = BIT0=0D +#define SPDM_GET_MEASUREMENTS_REQUEST_ATTRIBUTES_RAW_BIT_STREAM_REQUESTED = BIT1=0D +#define SPDM_GET_MEASUREMENTS_REQUEST_ATTRIBUTES_NEW_MEASUREMENT_REQUESTED= BIT2=0D +=0D +///=0D +/// SPDM GET_MEASUREMENTS request MeasurementOperation=0D +///=0D +#define SPDM_GET_MEASUREMENTS_REQUEST_MEASUREMENT_OPERATION_TOTAL_NUMBER_O= F_MEASUREMENTS 0=0D +=0D +///=0D +/// SPDM_GET_MEASUREMENTS_REQUEST_MEASUREMENT_OPERATION_INDEX=0D +///=0D +#define SPDM_GET_MEASUREMENTS_REQUEST_MEASUREMENT_OPERATION_ALL_MEASUREMEN= TS 0xFF=0D +=0D ///=0D /// SPDM MEASUREMENTS block common header=0D ///=0D @@ -259,6 +654,17 @@ typedef struct { // UINT8 DMTFSpecMeasurementValue[DMTFSpecMeasurementValu= eSize];=0D } SPDM_MEASUREMENT_BLOCK_DMTF_HEADER;=0D =0D +typedef struct {=0D + SPDM_MEASUREMENT_BLOCK_COMMON_HEADER MeasurementBlockCommonHeader;=0D + SPDM_MEASUREMENT_BLOCK_DMTF_HEADER MeasurementBlockDmtfHeader;=0D + // UINT8 HashValue[HashSize];=0D +} SPDM_MEASUREMENT_BLOCK_DMTF;=0D +=0D +typedef struct {=0D + UINT8 Content : 7;=0D + UINT8 Presentation : 1;=0D +} SPDM_MEASUREMENTS_BLOCK_MEASUREMENT_TYPE;=0D +=0D ///=0D /// SPDM MEASUREMENTS block MeasurementValueType=0D ///=0D 
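Review bot: `SPDM_CHALLENGE_AUTH_RESPONSE_ATTRIBUTE`, `SPDM_GET_MEASUREMENTS_REQUEST_SLOT_ID_PARAMETER` and `SPDM_MEASUREMENTS_BLOCK_MEASUREMENT_TYPE` describe wire bytes with C bit-fields, whose bit allocation order is implementation-defined, while this same patch replaces the bit-field `SPDM_VERSION_NUMBER` with a plain `UINT16` and already provides masks for the same bits (`..._SLOT_ID_MASK 0xF`, `..._BASIC_MUT_AUTH_REQ BIT7`). Please either drop the bit-field structs or comment that the masks are authoritative, so that two parsers built with different compilers cannot disagree on which slot or attribute was signalled. Also, the "Deprecated in SPDM 1.2" comment is attached only to the `BIT7` macro and not to the `BasicMutAuthReq` field, and the `SlotIDParam` byte appended to `SPDM_GET_MEASUREMENTS_REQUEST` changes its `sizeof` for 1.0 callers.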
@@ -266,13 +672,54 @@ typedef struct { #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_MUTABLE_FIRMWARE 1= =0D #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_HARDWARE_CONFIGURATION 2= =0D #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_FIRMWARE_CONFIGURATION 3= =0D +#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_MEASUREMENT_MANIFEST 4= =0D +#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_DEVICE_MODE 5= =0D +#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_VERSION 6= =0D +#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_SECURE_VERSION_NUMBER 7= =0D +#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_MASK 0x= 7=0D #define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_RAW_BIT_STREAM BI= T7=0D =0D +///=0D +/// SPDM MEASUREMENTS block index=0D +///=0D +#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_INDEX_MEASUREMENT_MANIFEST 0xF= D=0D +#define SPDM_MEASUREMENT_BLOCK_MEASUREMENT_INDEX_DEVICE_MODE 0xF= E=0D +=0D +///=0D +/// SPDM MEASUREMENTS device mode=0D +///=0D +typedef struct {=0D + UINT32 OperationalModeCapabilities;=0D + UINT32 OperationalModeState;=0D + UINT32 DeviceModeCapabilities;=0D + UINT32 DeviceModeState;=0D +} SPDM_MEASUREMENT_DEVICE_MODE;=0D +=0D +#define SPDM_MEASUREMENT_DEVICE_OPERATION_MODE_MANUFACTURING_MODE BIT0=0D +#define SPDM_MEASUREMENT_DEVICE_OPERATION_MODE_VALIDATION_MODE BIT1=0D +#define SPDM_MEASUREMENT_DEVICE_OPERATION_MODE_NORMAL_MODE BIT2=0D +#define SPDM_MEASUREMENT_DEVICE_OPERATION_MODE_RECOVERY_MODE BIT3=0D +#define SPDM_MEASUREMENT_DEVICE_OPERATION_MODE_RMA_MODE BIT4=0D +#define SPDM_MEASUREMENT_DEVICE_OPERATION_MODE_DECOMMISSIONED_MODE BIT5=0D +=0D +#define SPDM_MEASUREMENT_DEVICE_MODE_NON_INVASIVE_DEBUG_MODE_IS_ACTIVE = BIT0=0D +#define SPDM_MEASUREMENT_DEVICE_MODE_INVASIVE_DEBUG_MODE_IS_ACTIVE = BIT1=0D +#define SPDM_MEASUREMENT_DEVICE_MODE_NON_INVASIVE_DEBUG_MODE_HAS_BEEN_ACTI= VE BIT2=0D +#define SPDM_MEASUREMENT_DEVICE_MODE_INVASIVE_DEBUG_MODE_HAS_BEEN_ACTIVE = BIT3=0D +#define 
SPDM_MEASUREMENT_DEVICE_MODE_INVASIVE_DEBUG_MODE_HAS_BEEN_ACTIVE_A= FTER_MFG BIT4=0D +=0D +///=0D +/// SPDM MEASUREMENTS SVN=0D +///=0D +typedef UINT64 SPDM_MEASUREMENTS_SECURE_VERSION_NUMBER;=0D +=0D ///=0D /// SPDM GET_MEASUREMENTS response=0D ///=0D typedef struct {=0D SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D TotalNumberOfMeasurement/RSVD=0D + // Param2 =3D=3D SlotNum=0D UINT8 NumberOfBlocks;=0D UINT8 MeasurementRecordLength[3];=0D // UINT8 MeasurementRecord[MeasurementRecordLength];=0D @@ -282,6 +729,21 @@ typedef struct { // UINT8 Signature[KeySize];=0D } SPDM_MEASUREMENTS_RESPONSE;=0D =0D +#define SPDM_MEASUREMENTS_RESPONSE_SLOT_ID_MASK 0xF=0D +=0D +///=0D +/// SPDM MEASUREMENTS content changed=0D +///=0D +#define SPDM_MEASUREMENTS_RESPONSE_CONTENT_CHANGE_MASK 0x30=0D +#define SPDM_MEASUREMENTS_RESPONSE_CONTENT_CHANGE_NO_DETECTION 0x00=0D +#define SPDM_MEASUREMENTS_RESPONSE_CONTENT_CHANGE_DETECTED 0x10=0D +#define SPDM_MEASUREMENTS_RESPONSE_CONTENT_NO_CHANGE_DETECTED 0x20=0D +=0D +#define SPDM_MEASUREMENTS_SIGN_CONTEXT "responder-measurements signi= ng"=0D +#define SPDM_MEASUREMENTS_SIGN_CONTEXT_SIZE (sizeof(SPDM_MEASUREMENTS_SIG= N_CONTEXT) - 1)=0D +=0D +#define SPDM_MEL_SPECIFICATION_DMTF BIT0=0D +=0D ///=0D /// SPDM ERROR response=0D ///=0D 
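Review bot: `SPDM_MEASUREMENT_BLOCK_MEASUREMENT_TYPE_MASK 0x7` keeps only three bits, but the `SPDM_MEASUREMENTS_BLOCK_MEASUREMENT_TYPE` struct added earlier in this patch gives `Content` seven bits below the `RAW_BIT_STREAM` flag at `BIT7`. The type values added here already reach 7 (`SECURE_VERSION_NUMBER`), so the next assigned type would be truncated to 0 (immutable ROM) by any code that applies this mask; 0x7F would match the struct, or the comment should say why three bits is intended. The `OperationalModeCapabilities`/`DeviceModeCapabilities` flag groups would also be easier to use correctly if each `#define` group carried a `///` line naming the `SPDM_MEASUREMENT_DEVICE_MODE` field it applies to.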
@@ -292,17 +754,69 @@ typedef struct { // UINT8 ExtendedErrorData[];=0D } SPDM_ERROR_RESPONSE;=0D =0D +#define SPDM_EXTENDED_ERROR_DATA_MAX_SIZE 32=0D +=0D ///=0D /// SPDM error code=0D ///=0D -#define SPDM_ERROR_CODE_INVALID_REQUEST 0x01=0D -#define SPDM_ERROR_CODE_BUSY 0x03=0D -#define SPDM_ERROR_CODE_UNEXPECTED_REQUEST 0x04=0D -#define SPDM_ERROR_CODE_UNSPECIFIED 0x05=0D -#define SPDM_ERROR_CODE_UNSUPPORTED_REQUEST 0x07=0D -#define SPDM_ERROR_CODE_MAJOR_VERSION_MISMATCH 0x41=0D -#define SPDM_ERROR_CODE_RESPONSE_NOT_READY 0x42=0D -#define SPDM_ERROR_CODE_REQUEST_RESYNCH 0x43=0D +#define SPDM_ERROR_CODE_INVALID_REQUEST 0x01=0D +#define SPDM_ERROR_CODE_BUSY 0x03=0D +#define SPDM_ERROR_CODE_UNEXPECTED_REQUEST 0x04=0D +#define SPDM_ERROR_CODE_UNSPECIFIED 0x05=0D +#define SPDM_ERROR_CODE_UNSUPPORTED_REQUEST 0x07=0D +#define SPDM_ERROR_CODE_VERSION_MISMATCH 0x41=0D +#define SPDM_ERROR_CODE_RESPONSE_NOT_READY 0x42=0D +#define SPDM_ERROR_CODE_REQUEST_RESYNCH 0x43=0D +#define SPDM_ERROR_CODE_VENDOR_DEFINED 0xFF=0D +///=0D +/// SPDM error code (1.1)=0D +///=0D +#define SPDM_ERROR_CODE_DECRYPT_ERROR 0x06=0D +#define SPDM_ERROR_CODE_REQUEST_IN_FLIGHT 0x08=0D +#define SPDM_ERROR_CODE_INVALID_RESPONSE_CODE 0x09=0D +#define SPDM_ERROR_CODE_SESSION_LIMIT_EXCEEDED 0x0A=0D +=0D +///=0D +/// SPDM error code (1.2)=0D +///=0D +#define SPDM_ERROR_CODE_SESSION_REQUIRED 0x0B=0D +#define SPDM_ERROR_CODE_RESET_REQUIRED 0x0C=0D +#define SPDM_ERROR_CODE_RESPONSE_TOO_LARGE 0x0D=0D +#define SPDM_ERROR_CODE_REQUEST_TOO_LARGE 0x0E=0D +#define SPDM_ERROR_CODE_LARGE_RESPONSE 0x0F=0D +#define SPDM_ERROR_CODE_MESSAGE_LOST 0x10=0D +///=0D +/// SPDM ResponseNotReady extended data=0D +///=0D +typedef struct {=0D + UINT8 RDTExponent;=0D + UINT8 RequestCode;=0D + UINT8 Token;=0D + UINT8 Rdtm;=0D +} SPDM_ERROR_DATA_RESPONSE_NOT_READY;=0D +=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D Error Code=0D + // Param2 =3D=3D Error Data=0D + SPDM_ERROR_DATA_RESPONSE_NOT_READY 
ExtendErrorData;=0D +} SPDM_ERROR_RESPONSE_DATA_RESPONSE_NOT_READY;=0D +=0D +///=0D +/// SPDM LargeResponse extended data=0D +///=0D +typedef struct {=0D + UINT8 Handle;=0D +} SPDM_ERROR_DATA_LARGE_RESPONSE;=0D +=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D +=0D + // param1 =3D=3D Error Code=0D + // param2 =3D=3D Error data=0D + //=0D + SPDM_ERROR_DATA_LARGE_RESPONSE ExtendErrorData;=0D +} SPDM_ERROR_RESPONSE_LARGE_RESPONSE;=0D =0D ///=0D /// SPDM RESPONSE_IF_READY request=0D 
@@ -313,6 +827,504 @@ typedef struct { // Param2 =3D=3D Token=0D } SPDM_RESPONSE_IF_READY_REQUEST;=0D =0D +///=0D +/// Maximum size of a vendor defined message data length=0D +/// limited by the length field size which is 2 bytes=0D +///=0D +#define SPDM_MAX_VENDOR_DEFINED_DATA_LEN 65535=0D +=0D +///=0D +/// Maximum size of a vendor defined vendor id length=0D +/// limited by the length field size which is 1 byte=0D +///=0D +#define SPDM_MAX_VENDOR_ID_LENGTH 255=0D +=0D +///=0D +/// SPDM VENDOR_DEFINED request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D + UINT16 StandardID;=0D + UINT8 Len;=0D + // UINT8 VendorID[Len];=0D + // UINT16 PayloadLength;=0D + // UINT8 VendorDefinedPayload[PayloadLength];=0D +} SPDM_VENDOR_DEFINED_REQUEST_MSG;=0D +=0D +///=0D +/// SPDM VENDOR_DEFINED response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D + UINT16 StandardID;=0D + UINT8 Len;=0D + // UINT8 VendorID[Len];=0D + // UINT16 PayloadLength;=0D + // UINT8 VendorDefinedPayload[PayloadLength];=0D +} SPDM_VENDOR_DEFINED_RESPONSE_MSG;=0D +=0D +//=0D +// Below command is defined in SPDM 1.1=0D +//=0D +=0D +///=0D +/// SPDM KEY_EXCHANGE request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D HashType=0D + // Param2 =3D=3D SlotNum=0D + UINT16 ReqSessionID;=0D + UINT16 Reserved;=0D + UINT8 RandomData[32];=0D + // UINT8 ExchangeData[D];=0D + // UINT16 OpaqueLength;=0D + // UINT8 OpaqueData[OpaqueLength];=0D +} SPDM_KEY_EXCHANGE_REQUEST;=0D +=0D +///=0D +/// SPDM KEY_EXCHANGE request session_policy=0D +///=0D +#define SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_TERMINATION_POLICY_RUNTIM= E_UPDATE BIT0=0D +=0D +///=0D +/// SPDM KEY_EXCHANGE request measurement summary HashType=0D +///=0D +#define SPDM_KEY_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH \=0D + SPDM_REQUEST_NO_MEASUREMENT_SUMMARY_HASH=0D +#define 
SPDM_KEY_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH \=0D + SPDM_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH=0D +#define SPDM_KEY_EXCHANGE_REQUEST_ALL_MEASUREMENTS_HASH SPDM_REQUEST_ALL_= MEASUREMENTS_HASH=0D +=0D +///=0D +/// SPDM KEY_EXCHANGE response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D HeartbeatPeriod=0D + // Param2 =3D=3D RSVD=0D + UINT16 RspSessionID;=0D + UINT8 MutAuthRequested;=0D + UINT8 ReqSlotIDParam;=0D + UINT8 RandomData[32];=0D + // UINT8 ExchangeData[D];=0D + // UINT8 MeasurementSummaryHash[DigestSize];=0D + // UINT16 OpaqueLength;=0D + // UINT8 OpaqueData[OpaqueLength];=0D + // UINT8 Signature[S];=0D + // UINT8 ResponderVerifyData[H];=0D +} SPDM_KEY_EXCHANGE_RESPONSE;=0D +=0D +///=0D +/// SPDM KEY_EXCHANGE response MutAuthRequested=0D +///=0D +#define SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED = BIT0=0D +#define SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST = BIT1=0D +#define SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS = BIT2=0D +=0D +#define SPDM_KEY_EXCHANGE_RESPONSE_SIGN_CONTEXT "responder-key_exchange_r= sp signing"=0D +#define SPDM_KEY_EXCHANGE_RESPONSE_SIGN_CONTEXT_SIZE \=0D + (sizeof(SPDM_KEY_EXCHANGE_RESPONSE_SIGN_CONTEXT) - 1)=0D +=0D +#define SPDM_VERSION_1_2_KEY_EXCHANGE_REQUESTER_CONTEXT "Requester-KEP-dm= tf-spdm-v1.2"=0D +#define SPDM_VERSION_1_2_KEY_EXCHANGE_REQUESTER_CONTEXT_SIZE \=0D + (sizeof(SPDM_VERSION_1_2_KEY_EXCHANGE_REQUESTER_CONTEXT) - 1)=0D +=0D +#define SPDM_VERSION_1_2_KEY_EXCHANGE_RESPONDER_CONTEXT "Responder-KEP-dm= tf-spdm-v1.2"=0D +#define SPDM_VERSION_1_2_KEY_EXCHANGE_RESPONDER_CONTEXT_SIZE \=0D + (sizeof(SPDM_VERSION_1_2_KEY_EXCHANGE_RESPONDER_CONTEXT) - 1)=0D +=0D +///=0D +/// SPDM FINISH request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D SignatureIncluded=0D + // Param2 =3D=3D ReqSlotNum=0D + // UINT8 Signature[S];=0D + // UINT8 RequesterVerifyData[H];=0D +} SPDM_FINISH_REQUEST;=0D +=0D 
+///=0D +/// SPDM FINISH request SignatureIncluded=0D +///=0D +#define SPDM_FINISH_REQUEST_ATTRIBUTES_SIGNATURE_INCLUDED BIT0=0D +=0D +///=0D +/// SPDM FINISH response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D + // UINT8 ResponderVerifyData[H];=0D +} SPDM_FINISH_RESPONSE;=0D +=0D +#define SPDM_FINISH_SIGN_CONTEXT "requester-finish signing"=0D +#define SPDM_FINISH_SIGN_CONTEXT_SIZE (sizeof(SPDM_FINISH_SIGN_CONTEXT) -= 1)=0D +=0D +///=0D +/// SPDM PSK_EXCHANGE request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D HashType=0D + // Param2 =3D=3D RSVD/session_policy (1.2)=0D + UINT16 ReqSessionID;=0D + UINT16 PSKHintLength;=0D + UINT16 RequesterContextLength;=0D + UINT16 OpaqueLength;=0D + // UINT8 PSKHint[PSKHintLength];=0D + // UINT8 RequesterContext[RequesterContextLength];=0D + // UINT8 OpaqueData[OpaqueLength];=0D +} SPDM_PSK_EXCHANGE_REQUEST;=0D +=0D +///=0D +/// SPDM PSK_EXCHANGE request measurement summary HashType=0D +///=0D +#define SPDM_PSK_EXCHANGE_REQUEST_NO_MEASUREMENT_SUMMARY_HASH \=0D + SPDM_REQUEST_NO_MEASUREMENT_SUMMARY_HASH=0D +#define SPDM_PSK_EXCHANGE_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH \=0D + SPDM_REQUEST_TCB_COMPONENT_MEASUREMENT_HASH=0D +#define SPDM_PSK_EXCHANGE_REQUEST_ALL_MEASUREMENTS_HASH SPDM_REQUEST_ALL_= MEASUREMENTS_HASH=0D +=0D +///=0D +/// SPDM PSK_EXCHANGE response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D HeartbeatPeriod=0D + // Param2 =3D=3D RSVD=0D + UINT16 RspSessionID;=0D + UINT16 Reserved;=0D + UINT16 ResponderContextLength;=0D + UINT16 OpaqueLength;=0D + // UINT8 MeasurementSummaryHash[DigestSize];=0D + // UINT8 ResponderContext[ResponderContextLength];=0D + // UINT8 OpaqueData[OpaqueLength];=0D + // UINT8 ResponderVerifyData[H];=0D +} SPDM_PSK_EXCHANGE_RESPONSE;=0D +=0D +///=0D +/// SPDM PSK_FINISH request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D 
+ // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D + // UINT8 RequesterVerifyData[H];=0D +} SPDM_PSK_FINISH_REQUEST;=0D +=0D +///=0D +/// SPDM PSK_FINISH response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D +} SPDM_PSK_FINISH_RESPONSE;=0D +=0D +///=0D +/// SPDM HEARTBEAT request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D +} SPDM_HEARTBEAT_REQUEST;=0D +=0D +///=0D +/// SPDM HEARTBEAT response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D +} SPDM_HEARTBEAT_RESPONSE;=0D +=0D +///=0D +/// SPDM KEY_UPDATE request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D KeyOperation=0D + // Param2 =3D=3D Tag=0D +} SPDM_KEY_UPDATE_REQUEST;=0D +=0D +///=0D +/// SPDM KEY_UPDATE Operations Table=0D +///=0D +#define SPDM_KEY_UPDATE_OPERATIONS_TABLE_UPDATE_KEY 1=0D +#define SPDM_KEY_UPDATE_OPERATIONS_TABLE_UPDATE_ALL_KEYS 2=0D +#define SPDM_KEY_UPDATE_OPERATIONS_TABLE_VERIFY_NEW_KEY 3=0D +=0D +///=0D +/// SPDM KEY_UPDATE response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D KeyOperation=0D + // Param2 =3D=3D Tag=0D +} SPDM_KEY_UPDATE_RESPONSE;=0D +=0D +///=0D +/// SPDM GET_ENCAPSULATED_REQUEST request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D +} SPDM_GET_ENCAPSULATED_REQUEST_REQUEST;=0D +=0D +///=0D +/// SPDM ENCAPSULATED_REQUEST response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RequestID=0D + // Param2 =3D=3D RSVD=0D + // UINT8 EncapsulatedRequest[];=0D +} SPDM_ENCAPSULATED_REQUEST_RESPONSE;=0D +=0D +///=0D +/// SPDM DELIVER_ENCAPSULATED_RESPONSE request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RequestID=0D + // Param2 =3D=3D 
RSVD=0D + // UINT8 EncapsulatedResponse[];=0D +} SPDM_DELIVER_ENCAPSULATED_RESPONSE_REQUEST;=0D +=0D +///=0D +/// SPDM ENCAPSULATED_RESPONSE_ACK response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RequestID=0D + // Param2 =3D=3D PayloadType=0D + // below 4 bytes are added in 1.2.=0D + UINT8 AckRequestId;=0D + UINT8 Reserved[3];=0D + // UINT8 EncapsulatedRequest[];=0D +} SPDM_ENCAPSULATED_RESPONSE_ACK_RESPONSE;=0D +=0D +///=0D +/// SPDM ENCAPSULATED_RESPONSE_ACK_RESPONSE Payload Type=0D +///=0D +#define SPDM_ENCAPSULATED_RESPONSE_ACK_RESPONSE_PAYLOAD_TYPE_ABSENT = 0=0D +#define SPDM_ENCAPSULATED_RESPONSE_ACK_RESPONSE_PAYLOAD_TYPE_PRESENT = 1=0D +#define SPDM_ENCAPSULATED_RESPONSE_ACK_RESPONSE_PAYLOAD_TYPE_REQ_SLOT_NUMB= ER 2=0D +=0D +///=0D +/// SPDM END_SESSION request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D EndSessionRequestAttributes=0D + // Param2 =3D=3D RSVD=0D +} SPDM_END_SESSION_REQUEST;=0D +=0D +///=0D +/// SPDM END_SESSION request Attributes=0D +///=0D +#define SPDM_END_SESSION_REQUEST_ATTRIBUTES_PRESERVE_NEGOTIATED_STATE_CLEA= R BIT0=0D +=0D +///=0D +/// SPDM END_SESSION response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + // Param1 =3D=3D RSVD=0D + // Param2 =3D=3D RSVD=0D +} SPDM_END_SESSION_RESPONSE;=0D +=0D +//=0D +// Below command is defined in SPDM 1.2=0D +//=0D +=0D +///=0D +/// SPDM SET_CERTIFICATE request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D +=0D + // param1 =3D=3D BIT[0:3]=3Dslot_id, BIT[4:7]=3DRSVD=0D + // param2 =3D=3D RSVD=0D + // param1 and param2 are updated in 1.3=0D + // param1 =3D=3D Request attributes, BIT[0:3]=3Dslot_id, BIT[4:6]=3DSetC= ertModel, BIT[7]=3DErase=0D + // param2 =3D=3D KeyPairID=0D + // void * CertChain=0D +} SPDM_SET_CERTIFICATE_REQUEST;=0D +=0D +#define SPDM_SET_CERTIFICATE_REQUEST_SLOT_ID_MASK 0xF=0D +=0D +///=0D +/// SPDM SET_CERTIFICATE request Attributes=0D +///=0D +#define 
SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_MASK 0x70=0D +#define SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_CERT_MODEL_OFFSET 4=0D +#define SPDM_SET_CERTIFICATE_REQUEST_ATTRIBUTES_ERASE 0x80=0D +=0D +///=0D +/// SPDM SET_CERTIFICATE_RSP response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D +=0D + // param1 =3D=3D BIT[0:3]=3Dslot_id, BIT[4:7]=3DRSVD=0D + // param2 =3D=3D RSVD=0D +} SPDM_SET_CERTIFICATE_RESPONSE;=0D +=0D +#define SPDM_SET_CERTIFICATE_RESPONSE_SLOT_ID_MASK 0xF=0D +=0D +///=0D +/// SPDM GET_CSR request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D + UINT16 RequesterInfoLength;=0D + UINT16 OpaqueDataLength;=0D +=0D + // UINT8 RequesterInfo[RequesterInfoLength];=0D + // UINT8 OpaqueData[OpaqueDataLength];=0D +} SPDM_GET_CSR_REQUEST;=0D +=0D +///=0D +/// SPDM GET_CSR request Attributes=0D +///=0D +#define SPDM_GET_CSR_REQUEST_ATTRIBUTES_CERT_MODEL_MASK 0x07=0D +#define SPDM_GET_CSR_REQUEST_ATTRIBUTES_CSR_TRACKING_TAG_MASK 0x38=0D +#define SPDM_GET_CSR_REQUEST_ATTRIBUTES_CSR_TRACKING_TAG_OFFSET 3=0D +#define SPDM_GET_CSR_REQUEST_ATTRIBUTES_OVERWRITE 0x80=0D +#define SPDM_GET_CSR_REQUEST_ATTRIBUTES_MAX_CSR_CERT_MODEL 4=0D +=0D +///=0D +/// Maximum size, in bytes, of a CSR.=0D +///=0D +#define SPDM_MAX_CSR_SIZE 65535=0D +=0D +///=0D +/// SPDM CSR response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D +=0D + // param1 =3D=3D RSVD=0D + // param2 =3D=3D RSVD=0D + UINT16 CsrLength;=0D + UINT16 Reserved;=0D +} SPDM_CSR_RESPONSE;=0D +=0D +///=0D +/// SPDM CHUNK_SEND request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D +=0D + // param1 - Request Attributes=0D + // param2 - Handle=0D + UINT16 ChunkSeqNo;=0D + UINT16 Reserved;=0D + UINT32 ChunkSize;=0D +=0D + // UINT32 LargeMessageSize;=0D + // UINT8 SpdmChunk[ChunkSize];=0D +} SPDM_CHUNK_SEND_REQUEST;=0D +=0D +#define SPDM_CHUNK_SEND_REQUEST_ATTRIBUTE_LAST_CHUNK (1 << 0)=0D +=0D +///=0D +/// SPDM CHUNK_SEND_ACK response=0D +///=0D 
+typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D +=0D + // param1 - Response Attributes=0D + // param2 - Handle=0D + UINT16 ChunkSeqNo;=0D + // UINT8 response_to_large_request[variable]=0D +} SPDM_CHUNK_SEND_ACK_RESPONSE;=0D +=0D +#define SPDM_CHUNK_SEND_ACK_RESPONSE_ATTRIBUTE_EARLY_ERROR_DETECTED (1 <<= 0)=0D +=0D +///=0D +/// SPDM CHUNK_GET request=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D +=0D + // param1 - Reserved=0D + // param2 - Handle=0D + UINT16 ChunkSeqNo;=0D +} SPDM_CHUNK_GET_REQUEST;=0D +=0D +///=0D +/// SPDM CHUNK_RESPONSE response=0D +///=0D +typedef struct {=0D + SPDM_MESSAGE_HEADER Header;=0D +=0D + // param1 - Response Attributes=0D + // param2 - Handle=0D + UINT16 ChunkSeqNo;=0D + UINT16 Reserved;=0D + UINT32 ChunkSize;=0D +=0D + // UINT32 LargeMessageSize;=0D + // UINT8 SpdmChunk[ChunkSize];=0D +} SPDM_CHUNK_RESPONSE_RESPONSE;=0D +=0D +#define SPDM_CHUNK_GET_RESPONSE_ATTRIBUTE_LAST_CHUNK (1 << 0)=0D #pragma pack()=0D =0D +#define SPDM_VERSION_1_1_BIN_CONCAT_LABEL "spdm1.1 "=0D +#define SPDM_VERSION_1_2_BIN_CONCAT_LABEL "spdm1.2 "=0D +#define SPDM_BIN_STR_0_LABEL "derived"=0D +#define SPDM_BIN_STR_1_LABEL "req hs data"=0D +#define SPDM_BIN_STR_2_LABEL "rsp hs data"=0D +#define SPDM_BIN_STR_3_LABEL "req app data"=0D +#define SPDM_BIN_STR_4_LABEL "rsp app data"=0D +#define SPDM_BIN_STR_5_LABEL "key"=0D +#define SPDM_BIN_STR_6_LABEL "iv"=0D +#define SPDM_BIN_STR_7_LABEL "finished"=0D +#define SPDM_BIN_STR_8_LABEL "exp master"=0D +#define SPDM_BIN_STR_9_LABEL "traffic upd"=0D +=0D +///=0D +/// The maximum amount of time in microseconds the Responder has to provid= e a response=0D +/// to requests that do not require cryptographic processing.=0D +///=0D +#define SPDM_ST1_VALUE_US 100000=0D +=0D +///=0D +/// id-DMTF 1.3.6.1.4.1.412=0D +///=0D +#define SPDM_OID_DMTF \=0D + {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C }=0D +// id-DMTF-spdm, { id-DMTF 274 }, 1.3.6.1.4.1.412.274=0D +#define SPDM_OID_DMTF_SPDM \=0D + {0x06, 0x01, 
0x04, 0x01, 0x83, 0x1C, 0x82, 0x12 }=0D +// id-DMTF-device-info, { id-DMTF-spdm 1 }, 1.3.6.1.4.1.412.274.1=0D +#define SPDM_OID_DMTF_DEVICE_INFO \=0D + {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x01 }=0D +// id-DMTF-hardware-identity, { id-DMTF-spdm 2 }, 1.3.6.1.4.1.412.274.2=0D +#define SPDM_OID_DMTF_HARDWARE_IDENTITY \=0D + {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x02 }=0D +// id-DMTF-eku-responder-auth, { id-DMTF-spdm 3 }, 1.3.6.1.4.1.412.274.3=0D +#define SPDM_OID_DMTF_EKU_RESPONDER_AUTH \=0D + {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x03 }=0D +// id-DMTF-eku-requester-auth, { id-DMTF-spdm 4 }, 1.3.6.1.4.1.412.274.4=0D +#define SPDM_OID_DMTF_EKU_REQUESTER_AUTH \=0D + {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x04 }=0D +// id-DMTF-mutable-certificate, { id-DMTF-spdm 5 }, 1.3.6.1.4.1.412.274.5= =0D +#define SPDM_OID_DMTF_MUTABLE_CERTIFICATE \=0D + {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x05 }=0D +// id-DMTF-SPDM-extension, { id-DMTF-spdm 6 }, 1.3.6.1.4.1.412.274.6=0D +#define SPDM_OID_DMTF_SPDM_EXTENSION \=0D + {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12, 0x06 }=0D #endif=0D --=20 2.26.2.windows.1
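Review bot: In the hunk at @@ -282,6 +729,21 @@, SPDM_MEASUREMENTS_RESPONSE_SLOT_ID_MASK (0xF) and SPDM_MEASUREMENTS_RESPONSE_CONTENT_CHANGE_MASK (0x30) are added without saying which field of SPDM_MEASUREMENTS_RESPONSE they apply to, while the struct comment added just above documents Param2 only as SlotNum. If both masks are meant for Param2, please extend that comment with the bit layout the masks imply (low four bits slot ID, bits 4 and 5 content change), so a caller masks the byte before comparing it with a slot number. The third value, SPDM_MEASUREMENTS_RESPONSE_CONTENT_NO_CHANGE_DETECTED, also drops the ..._CONTENT_CHANGE_... prefix that the mask and the other two values share; a consistent name would make the trio easier to find.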
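Review bot: The error-code block in the hunk at @@ -292,17 +754,69 @@ drops SPDM_ERROR_CODE_MAJOR_VERSION_MISMATCH and adds SPDM_ERROR_CODE_VERSION_MISMATCH with the same value 0x41, so any existing user of the old name stops building once this header lands. Either keep the old name as an alias of the new one for a transition period, or call the rename out in the commit message, which currently mentions only new 1.2 features. Two smaller points in the same hunk: the new structs name the member ExtendErrorData while the comment in SPDM_ERROR_RESPONSE spells it ExtendedErrorData, and SPDM_EXTENDED_ERROR_DATA_MAX_SIZE (32) has no comment tying it to the field it bounds, which is what whoever writes the length check will need.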
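Review bot: SPDM_OID_DMTF_SPDM, near the end of the hunk at @@ -313,6 +827,504 @@, is missing its leading 0x2B: it is defined as {0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12 }, while SPDM_OID_DMTF and every child OID from SPDM_OID_DMTF_DEVICE_INFO through SPDM_OID_DMTF_SPDM_EXTENSION start with 0x2B, 0x06. As written the array does not encode 1.3.6.1.4.1.412.274 as its comment says and is not a prefix of the child OIDs, so a certificate check that compares against it will never match; it should read {0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C, 0x82, 0x12 }. In the same hunk, SPDM_KEY_EXCHANGE_REQUEST_SESSION_POLICY_TERMINATION_POLICY_RUNTIME_UPDATE is added but SPDM_KEY_EXCHANGE_REQUEST documents no field that carries session_policy (it has only UINT16 Reserved, whereas the SPDM_PSK_EXCHANGE_REQUEST comment marks Param2 as RSVD/session_policy (1.2)); please document where the bit lives.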