SPDM

SPDM OpenPRoT devices shall use SPDM to conduct all attestation operations both with downstream devices (as a requester) and upstream devices (as a responder.) Devices may choose to act as a requester, a responder, or both. All SPDM version references assume alignment with the most recently released versions of the spec.

OCP Attestation Spec 1.1 Alignment

OpenPRoT implementations of SPDM must align with the OCP Attestation Spec 1.1. All following sections have taken this spec into account. Please refer to that specification for details on specific requirements.

Baseline Version

OpenPRoT sets a baseline version of SPDM 1.2.

Requesters

OpenPRoT devices implementing an SPDM requester will implement support for SPDM 1.2 minimum and may implement SPDM 1.3 and up. The minimum and maximum supported SPDM versions can be changed if support for other versions is not necessary.

Responders

OpenPRoT devices implementing an SPDM responder must implement support for SPDM 1.2 or higher. Responders may only report (via GET_VERSION) a single supported version of SPDM.

Required Commands

All requesters and responders shall implement the four (4) spec mandatory SPDM commands:

  • GET_VERSION
  • GET_CAPABILITIES
  • NEGOTIATE_ALGORITHMS
  • RESPOND_IF_READY

All requesters and responders shall implement the following spec optional commands:

  • GET_DIGESTS
  • GET_CERTIFICATE
  • CHALLENGE
  • GET_MEASUREMENTS
  • GET_CSR
  • SET_CERTIFICATE
  • CHUNK_SEND
  • CHUNK_GET

Requesters and responders may implement the following recommended spec optional commands:

  • Events
    • GET_SUPPORTED_EVENT_TYPES
    • SUBSCRIBE_EVENT_TYPES
    • SEND_EVENT
  • Encapsulated requests
    • GET_ENCAPSULATED_REQUEST
    • DELIVER_ENCAPSULATED_RESPONSE
  • GET_KEY_PAIR_INFO
  • SET_KEY_PAIR_INFO
  • KEY_UPDATE
  • KEY_EXCHANGE
  • FINISH
  • PSK_EXCHANGE
  • PSK_FINISH

All other spec optional commands may be implemented as the integrator sees fit for their use case.

Required Capabilities

  • CERT_CAP (required for GET_CERTIFICATE)
  • CHAL_CAP (required for CHALLENGE)
  • MEAS_CAP (required for GET_MEASUREMENT)
  • MEAS_FRESH_CAP

Algorithms

The following cryptographic algorithms are accepted for use within OpenPRoT, but may be further constrained by hardware capabilities. At a minimum OpenPRoT hardware must support:

  • TPM_ALG_ECDSA_ECC_NIST_P384
  • TPM_ALG_SHA3_384

All others are optional and may be used if supported.

  • Asymmetric
    • TPM_ALG_ECDSA_ECC_NIST_P256
    • TPM_ALG_ECDSA_ECC_NIST_P384
    • EdDSA ed25519
    • EdDSA ed448
    • TPM_ALG_SHA_384
  • Hash
    • TPM_ALG_SHA_256
    • TPM_ALG_SHA_384
    • TPM_ALG_SHA_512
    • TPM_ALG_SHA3_256
    • TPM_ALG_SHA3_384
    • TPM_ALG_SHA3_512
  • AEAD Cipher
    • AES-128-GCM
    • AES-256-GCM
    • CHACHA20_POLY1305

Attestation Report Format

Devices will support either RATS EAT (as CWT) or an SPDM evidence manifest TOC per the TCG DICE Concise Evidence for SPDM specification.

Measurement block 0xF0

Devices that do not provide a Measurement Manifest shall locate RATS EAT at SPDM measurement block 0xF0