SpdmSecurityLib.h

Last change on this file was 105670, checked in by vboxsync, 9 months ago
Devices/EFI/FirmwareNew: Merge edk2-stable-202405 and make it build on aarch64, bugref:4643
Property svn:eol-style set to `native`
File size: 19.3 KB

Line
1	/** @file
2	EDKII Device Security library for SPDM device.
3	It follows the SPDM Specification.
4
5	Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>
6	SPDX-License-Identifier: BSD-2-Clause-Patent
7
8	**/
9
10	#ifndef SPDM_SECURITY_LIB_H_
11	#define SPDM_SECURITY_LIB_H_
12
13	#include <Protocol/DeviceSecurity.h>
14	#include <Protocol/DeviceSecurityPolicy.h>
15
16	/**
17	* Send an SPDM transport layer message to a device.
18	*
19	* The message is an SPDM message with transport layer wrapper,
20	* or a secured SPDM message with transport layer wrapper.
21	*
22	* For requester, the message is a transport layer SPDM request.
23	* For responder, the message is a transport layer SPDM response.
24	*
25	* @param spdm_context A pointer to the SPDM context.
26	* @param message_size size in bytes of the message data buffer.
27	* @param message A pointer to a destination buffer to store the message.
28	* The caller is responsible for having
29	* either implicit or explicit ownership of the buffer.
30	* The message pointer shall be inside of
31	* [msg_buf_ptr, msg_buf_ptr + max_msg_size] from
32	* acquired sender_buffer.
33	* @param timeout The timeout, in 100ns units, to use for the execution
34	* of the message. A timeout value of 0
35	* means that this function will wait indefinitely for the
36	* message to execute. If timeout is greater
37	* than zero, then this function will return RETURN_TIMEOUT if the
38	* time required to execute the message is greater
39	* than timeout.
40	*
41	* @retval RETURN_SUCCESS The SPDM message is sent successfully.
42	* @retval RETURN_DEVICE_ERROR A device error occurs when the SPDM message is sent to the device.
43	* @retval RETURN_INVALID_PARAMETER The message is NULL or the message_size is zero.
44	* @retval RETURN_TIMEOUT A timeout occurred while waiting for the SPDM message
45	* to execute.
46	**/
47	typedef
48	SPDM_RETURN
49	(*SPDM_DEVICE_SEND_MESSAGE_FUNC)(
50	IN VOID *SpdmContext,
51	IN UINTN MessageSize,
52	IN OUT CONST VOID *Message,
53	IN UINT64 Timeout
54	);
55
56	/**
57	* Receive an SPDM transport layer message from a device.
58	*
59	* The message is an SPDM message with transport layer wrapper,
60	* or a secured SPDM message with transport layer wrapper.
61	*
62	* For requester, the message is a transport layer SPDM response.
63	* For responder, the message is a transport layer SPDM request.
64	*
65	* @param spdm_context A pointer to the SPDM context.
66	* @param message_size size in bytes of the message data buffer.
67	* @param message A pointer to a destination buffer to store the message.
68	* The caller is responsible for having
69	* either implicit or explicit ownership of the buffer.
70	* On input, the message pointer shall be msg_buf_ptr from
71	* acquired receiver_buffer.
72	* On output, the message pointer shall be inside of
73	* [msg_buf_ptr, msg_buf_ptr + max_msg_size] from
74	* acquired receiver_buffer.
75	* @param timeout The timeout, in 100ns units, to use for the execution
76	* of the message. A timeout value of 0
77	* means that this function will wait indefinitely for the
78	* message to execute. If timeout is greater
79	* than zero, then this function will return RETURN_TIMEOUT if the
80	* time required to execute the message is greater
81	* than timeout.
82	*
83	* @retval RETURN_SUCCESS The SPDM message is received successfully.
84	* @retval RETURN_DEVICE_ERROR A device error occurs when the SPDM message is received from the device.
85	* @retval RETURN_INVALID_PARAMETER The message is NULL, message_size is NULL or
86	* the *message_size is zero.
87	* @retval RETURN_TIMEOUT A timeout occurred while waiting for the SPDM message
88	* to execute.
89	**/
90	typedef
91	SPDM_RETURN
92	(*SPDM_DEVICE_RECEIVE_MESSAGE_FUNC)(
93	IN VOID *SpdmContext,
94	IN OUT UINTN *MessageSize,
95	IN OUT VOID **Message,
96	IN UINT64 Timeout
97	);
98
99	/**
100	* Encode an SPDM or APP message to a transport layer message.
101	*
102	* For normal SPDM message, it adds the transport layer wrapper.
103	* For secured SPDM message, it encrypts a secured message then adds the transport layer wrapper.
104	* For secured APP message, it encrypts a secured message then adds the transport layer wrapper.
105	*
106	* The APP message is encoded to a secured message directly in SPDM session.
107	* The APP message format is defined by the transport layer.
108	* Take MCTP as example: APP message == MCTP header (MCTP_MESSAGE_TYPE_SPDM) + SPDM message
109	*
110	* @param spdm_context A pointer to the SPDM context.
111	* @param session_id Indicates if it is a secured message protected via SPDM session.
112	* If session_id is NULL, it is a normal message.
113	* If session_id is NOT NULL, it is a secured message.
114	* @param is_app_message Indicates if it is an APP message or SPDM message.
115	* @param is_requester Indicates if it is a requester message.
116	* @param message_size size in bytes of the message data buffer.
117	* @param message A pointer to a source buffer to store the message.
118	* For normal message, it shall point to the acquired sender buffer.
119	* For secured message, it shall point to the scratch buffer in spdm_context.
120	* @param transport_message_size size in bytes of the transport message data buffer.
121	* @param transport_message A pointer to a destination buffer to store the transport message.
122	* On input, it shall be msg_buf_ptr from sender buffer.
123	* On output, it will point to acquired sender buffer.
124	*
125	* @retval RETURN_SUCCESS The message is encoded successfully.
126	* @retval RETURN_INVALID_PARAMETER The message is NULL or the message_size is zero.
127	**/
128	typedef
129	SPDM_RETURN
130	(*SPDM_TRANSPORT_ENCODE_MESSAGE_FUNC)(
131	IN VOID *SpdmContext,
132	IN OUT CONST UINT32 *SessionId,
133	IN BOOLEAN IsAppMessage,
134	IN BOOLEAN IsRequester,
135	IN UINTN MessageSize,
136	IN OUT VOID *Message,
137	IN OUT UINTN *TransportMessageSize,
138	IN VOID **TransportMessage
139	);
140
141	/**
142	* Decode an SPDM or APP message from a transport layer message.
143	*
144	* For normal SPDM message, it removes the transport layer wrapper,
145	* For secured SPDM message, it removes the transport layer wrapper, then decrypts and verifies a secured message.
146	* For secured APP message, it removes the transport layer wrapper, then decrypts and verifies a secured message.
147	*
148	* The APP message is decoded from a secured message directly in SPDM session.
149	* The APP message format is defined by the transport layer.
150	* Take MCTP as example: APP message == MCTP header (MCTP_MESSAGE_TYPE_SPDM) + SPDM message
151	*
152	* @param spdm_context A pointer to the SPDM context.
153	* @param session_id Indicates if it is a secured message protected via SPDM session.
154	* If *session_id is NULL, it is a normal message.
155	* If *session_id is NOT NULL, it is a secured message.
156	* @param is_app_message Indicates if it is an APP message or SPDM message.
157	* @param is_requester Indicates if it is a requester message.
158	* @param transport_message_size size in bytes of the transport message data buffer.
159	* @param transport_message A pointer to a source buffer to store the transport message.
160	* For normal message or secured message, it shall point to acquired receiver buffer.
161	* @param message_size size in bytes of the message data buffer.
162	* @param message A pointer to a destination buffer to store the message.
163	* On input, it shall point to the scratch buffer in spdm_context.
164	* On output, for normal message, it will point to the original receiver buffer.
165	* On output, for secured message, it will point to the scratch buffer in spdm_context.
166	*
167	* @retval RETURN_SUCCESS The message is decoded successfully.
168	* @retval RETURN_INVALID_PARAMETER The message is NULL or the message_size is zero.
169	* @retval RETURN_UNSUPPORTED The transport_message is unsupported.
170	**/
171	typedef
172	SPDM_RETURN
173	(*SPDM_TRANSPORT_DECODE_MESSAGE_FUNC)(
174	IN VOID *SpdmContext,
175	IN OUT UINT32 **SessionId,
176	IN BOOLEAN *IsAppMessage,
177	IN BOOLEAN IsRequester,
178	IN UINTN TransportMessageSize,
179	IN OUT VOID *TransportMessage,
180	IN OUT UINTN *MessageSize,
181	IN OUT VOID **Message
182	);
183
184	/**
185	* Acquire a device sender buffer for transport layer message.
186	*
187	* The max_msg_size must be larger than
188	* MAX (non-secure Transport Message Header Size +
189	* SPDM_CAPABILITIES.DataTransferSize +
190	* max alignment pad size (transport specific),
191	* secure Transport Message Header Size +
192	* sizeof(spdm_secured_message_a_data_header1_t) +
193	* length of sequence_number (transport specific) +
194	* sizeof(spdm_secured_message_a_data_header2_t) +
195	* sizeof(spdm_secured_message_cipher_header_t) +
196	* App Message Header Size (transport specific) +
197	* SPDM_CAPABILITIES.DataTransferSize +
198	* maximum random data size (transport specific) +
199	* AEAD MAC size (16) +
200	* max alignment pad size (transport specific))
201	*
202	* For MCTP,
203	* Transport Message Header Size = sizeof(mctp_message_header_t)
204	* length of sequence_number = 2
205	* App Message Header Size = sizeof(mctp_message_header_t)
206	* maximum random data size = MCTP_MAX_RANDOM_NUMBER_COUNT
207	* max alignment pad size = 0
208	* For PCI_DOE,
209	* Transport Message Header Size = sizeof(pci_doe_data_object_header_t)
210	* length of sequence_number = 0
211	* App Message Header Size = 0
212	* maximum random data size = 0
213	* max alignment pad size = 3
214	*
215	* @param context A pointer to the SPDM context.
216	* @param max_msg_size size in bytes of the maximum size of sender buffer.
217	* @param msg_buf_ptr A pointer to a sender buffer.
218	*
219	* @retval RETURN_SUCCESS The sender buffer is acquired.
220	**/
221	typedef
222	SPDM_RETURN
223	(*SPDM_DEVICE_ACQUIRE_SENDER_BUFFER_FUNC)(
224	IN VOID *SpdmContext,
225	IN OUT VOID **MsgBufPtr
226	);
227
228	/**
229	* Release a device sender buffer for transport layer message.
230	*
231	* @param context A pointer to the SPDM context.
232	* @param msg_buf_ptr A pointer to a sender buffer.
233	*
234	* @retval RETURN_SUCCESS The sender buffer is Released.
235	**/
236	typedef
237	VOID
238	(*SPDM_DEVICE_RELEASE_SENDER_BUFFER_FUNC)(
239	IN VOID *SpdmContext,
240	IN CONST VOID *MsgBufPtr
241	);
242
243	/**
244	* Acquire a device receiver buffer for transport layer message.
245	*
246	* The max_msg_size must be larger than
247	* MAX (non-secure Transport Message Header Size +
248	* SPDM_CAPABILITIES.DataTransferSize +
249	* max alignment pad size (transport specific),
250	* secure Transport Message Header Size +
251	* sizeof(spdm_secured_message_a_data_header1_t) +
252	* length of sequence_number (transport specific) +
253	* sizeof(spdm_secured_message_a_data_header2_t) +
254	* sizeof(spdm_secured_message_cipher_header_t) +
255	* App Message Header Size (transport specific) +
256	* SPDM_CAPABILITIES.DataTransferSize +
257	* maximum random data size (transport specific) +
258	* AEAD MAC size (16) +
259	* max alignment pad size (transport specific))
260	*
261	* For MCTP,
262	* Transport Message Header Size = sizeof(mctp_message_header_t)
263	* length of sequence_number = 2
264	* App Message Header Size = sizeof(mctp_message_header_t)
265	* maximum random data size = MCTP_MAX_RANDOM_NUMBER_COUNT
266	* max alignment pad size = 0
267	* For PCI_DOE,
268	* Transport Message Header Size = sizeof(pci_doe_data_object_header_t)
269	* length of sequence_number = 0
270	* App Message Header Size = 0
271	* maximum random data size = 0
272	* max alignment pad size = 3
273	*
274	* @param context A pointer to the SPDM context.
275	* @param max_msg_size size in bytes of the maximum size of receiver buffer.
276	* @param msg_buf_pt A pointer to a receiver buffer.
277	*
278	* @retval RETURN_SUCCESS The receiver buffer is acquired.
279	**/
280	typedef
281	SPDM_RETURN
282	(*SPDM_DEVICE_ACQUIRE_RECEIVER_BUFFER_FUNC)(
283	IN VOID *SpdmContext,
284	IN OUT VOID **MsgBufPtr
285	);
286
287	/**
288	* Release a device receiver buffer for transport layer message.
289	*
290	* @param context A pointer to the SPDM context.
291	* @param msg_buf_ptr A pointer to a receiver buffer.
292	*
293	* @retval RETURN_SUCCESS The receiver buffer is Released.
294	**/
295	typedef
296	VOID
297	(*SPDM_DEVICE_RELEASE_RECEIVER_BUFFER_FUNC)(
298	IN VOID *SpdmContext,
299	IN CONST VOID *MsgBufPtr
300	);
301
302	typedef struct {
303	UINT32 Version;
304	//
305	// DeviceType is used to create TCG event log context_data.
306	// DeviceHandle is used to create TCG event log device_path information.
307	//
308	EDKII_DEVICE_IDENTIFIER *DeviceId;
309
310	//
311	// TRUE means to use PCR 0 (code) / 1 (config).
312	// FALSE means to use PCR 2 (code) / 3 (config).
313	//
314	BOOLEAN IsEmbeddedDevice;
315
316	//
317	// Below 9 APIs are used to send/receive SPDM request/response.
318	//
319	// The request flow is:
320	// \|<--- SenderBufferSize --->\|
321	// \|<--- TransportRequestBufferSize --->\|
322	// \|<---MaxHeaderSize--->\|<-SpdmRequestBufferSize ->\|
323	// +--+------------------+==========================+----------------+--+
324	// \| \| Transport Header \| SPDM Message \| Transport Tail \| \|
325	// +--+------------------+==========================+----------------+--+
326	// ^ ^ ^
327	// \| \| \| SpdmRequestBuffer
328	// \| \| TransportRequestBuffer
329	// \| SenderBuffer
330	//
331	// AcquireSenderBuffer (&SenderBuffer, &SenderBufferSize);
332	// SpdmRequestBuffer = SenderBuffer + TransportHeaderSize;
333	// /* build SPDM request in SpdmRequestBuffer */
334	// TransportEncodeMessage (SpdmRequestBuffer, SpdmRequestBufferSize,
335	// &TransportRequestBuffer, &TransportRequestBufferSize);
336	// SendMessage (TransportRequestBuffer, TransportRequestBufferSize);
337	// ReleaseSenderBuffer (SenderBuffer);
338	//
339	// The response flow is:
340	// \|<--- ReceiverBufferSize --->\|
341	// \|<--- TransportResponseBufferSize --->\|
342	// \|<-SpdmResponseBufferSize->\|
343	// +--+------------------+==========================+----------------+--+
344	// \| \| Transport Header \| SPDM Message \| Transport Tail \| \|
345	// +--+------------------+==========================+----------------+--+
346	// ^ ^ ^
347	// \| \| \| SpdmResponseBuffer
348	// \| \| TransportResponseBuffer
349	// \| ReceiverBuffer
350	//
351	// AcquireReceiverBuffer (&ReceiverBuffer, &ReceiverBufferSize);
352	// TransportResponseBuffer = ReceiverBuffer;
353	// ReceiveMessage (&TransportResponseBuffer, &TransportResponseBufferSize);
354	// TransportDecodeMessage (TransportResponseBuffer, TransportResponseBufferSize,
355	// &SpdmResponseBuffer, &SpdmResponseBufferSize);
356	// /* process SPDM response in SpdmResponseBuffer */
357	// ReleaseReceiverBuffer (ReceiverBuffer);
358	//
359
360	//
361	// API required by SpdmRegisterDeviceIoFunc in libspdm
362	// It is used to send/receive transport message (SPDM + transport header).
363	//
364	SPDM_DEVICE_SEND_MESSAGE_FUNC SendMessage;
365	SPDM_DEVICE_RECEIVE_MESSAGE_FUNC ReceiveMessage;
366	//
367	// API required by SpdmRegisterTransportLayerFunc in libspdm
368	// It is used to add/remove transport header for SPDM.
369	//
370	SPDM_TRANSPORT_ENCODE_MESSAGE_FUNC TransportEncodeMessage;
371	SPDM_TRANSPORT_DECODE_MESSAGE_FUNC TransportDecodeMessage;
372	//
373	// API required by SpdmRegisterDeviceBufferFunc in libspdm
374	// It is used to get the sender/receiver buffer for transport message (SPDM + transport header).
375	// The size MUST be big enough to send or receive one transport message (SPDM + transport header).
376	// Tthe sender/receiver buffer MAY be overlapped.
377	//
378	SPDM_DEVICE_ACQUIRE_SENDER_BUFFER_FUNC AcquireSenderBuffer;
379	SPDM_DEVICE_RELEASE_SENDER_BUFFER_FUNC ReleaseSenderBuffer;
380	SPDM_DEVICE_ACQUIRE_RECEIVER_BUFFER_FUNC AcquireReceiverBuffer;
381	SPDM_DEVICE_RELEASE_RECEIVER_BUFFER_FUNC ReleaseReceiverBuffer;
382
383	//
384	// Preferred Algorithm List for SPDM negotiation.
385	// If it is none zero, it will be used directly.
386	// If it is zero, then the SpdmSecurityLib will set the default value.
387	//
388	UINT32 BaseHashAlgo;
389	UINT32 BaseAsymAlgo;
390
391	//
392	// transfer size
393	//
394	UINT32 MaxSpdmMsgSize;
395	UINT32 TransportHeaderSize;
396	UINT32 TransportTailSize;
397	UINT32 SenderBufferSize;
398	UINT32 ReceiverBufferSize;
399
400	EFI_GUID *SpdmIoProtocolGuid;
401	} EDKII_SPDM_DEVICE_INFO;
402
403	/**
404	This function will send SPDM VCA, GET_CERTIFICATE, CHALLENGE, GET_MEASUREMENT,
405	The certificate and measurement will be extended to TPM PCR/NvIndex.
406	**/
407	RETURN_STATUS
408	EFIAPI
409	SpdmDeviceAuthenticationAndMeasurement (
410	IN EDKII_SPDM_DEVICE_INFO *SpdmDeviceInfo,
411	IN EDKII_DEVICE_SECURITY_POLICY *SecurityPolicy,
412	OUT EDKII_DEVICE_SECURITY_STATE *SecurityState
413	);
414
415	/**
416	This function will get SpdmIoProtocol via Context.
417	**/
418	VOID *
419	EFIAPI
420	SpdmGetIoProtocolViaSpdmContext (
421	IN VOID *SpdmContext
422	);
423
424	/**
425	Helper function to quickly determine whether device authentication boot is enabled.
426
427	@retval TRUE device authentication boot is verifiably enabled.
428	@retval FALSE device authentication boot is either disabled or an error prevented checking.
429
430	**/
431	BOOLEAN
432	EFIAPI
433	IsDeviceAuthBootEnabled (
434	VOID
435	);
436
437	#endif

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/VBox/Devices/EFI/FirmwareNew/SecurityPkg/Include/Library/SpdmSecurityLib.h

Download in other formats: