|
| 1 | +# Standard Measurement Report |
| 2 | + |
| 3 | +The SPDM specification grants the Requester flexibility when retrieving measurements from a |
| 4 | +Responder via `GET_MEASUREMENTS`. This flexibility includes the presence or absence of a signature, |
| 5 | +multiple `GET_MEASUREMENTS` requests to individual measurement indices, and the ability to indicate |
| 6 | +whether the Requester desires the measurements to be encoded as a raw bitstream or a cryptographic |
| 7 | +hash. However, it is possible for a Requester to construct measurement artifacts that are not easily |
| 8 | +consumed by a Verifier, if at all. For example a Verifier may reject the evaluation of multiple |
| 9 | +`GET_MEASUREMENTS` requests to the same Responder. |
| 10 | + |
| 11 | +This document describes a standard measurement report for an SPDM Responder that is constructed by a |
| 12 | +SPDM Requester and consumed by a Verifier while all agents are operating in production mode. In |
| 13 | +particular, a production Verifier may only support a measurement report of this type and can point |
| 14 | +to this document to advertise that restriction to other agents. |
| 15 | + |
| 16 | +## Standard Measurement Report Definition |
| 17 | + |
| 18 | +The standard measurement report is a byte buffer that consists of the L1/L2 transcript along with |
| 19 | +the signature over the transcript if the Responder supports signing. It is comprised of a single |
| 20 | +`GET_MEASUREMENTS` request and a single `MEASUREMENTS` response. |
| 21 | + |
| 22 | +For SPDM 1.0 and 1.1, the byte buffer is {`GET_MEASUREMENTS`, `MEASUREMENTS`}. For SPDM 1.2 and |
| 23 | +later, the byte buffer is {`VCA`, `GET_MEASUREMENTS`, `MEASUREMENTS`}. The `GET_MEASUREMENTS` |
| 24 | +request has the following properties: |
| 25 | +* `Param2 = 0xFF` |
| 26 | + * All measurement indices are requested. |
| 27 | +* If the Responder supports signature generation (`MEAS_CAP = 10b`) then `SignatureRequested` is |
| 28 | + set, else it is not set. |
| 29 | +* For SPDM 1.2 and later, `RawBitStreamRequested` is not set. |
| 30 | + * This is a hint to the Responder to hash measurements instead of producing their raw values. |
| 31 | +* For SPDM 1.3 and later, `NewMeasurementRequested` is not set. |
| 32 | + * This requests the current state of the Responder and not its future state. |
| 33 | + |
| 34 | +## Rationale |
| 35 | + |
| 36 | +### Single Request and Response |
| 37 | + |
| 38 | +Capturing all measurements in a single response provides an atomic snapshot of the state of the |
| 39 | +Responder at a specific point in time. As such, a Verifier need not have to reason about the state |
| 40 | +of the Responder through multiple measurement requests and responses with a possibly unknown amount |
| 41 | +of time between each message. |
| 42 | + |
| 43 | +### Byte Buffer |
| 44 | + |
| 45 | +A raw byte buffer allows the Verifier to verify the signature, if supported by the Responder, over |
| 46 | +the rest of the measurement report without any transformation of data. |
| 47 | + |
| 48 | +### `RawBitStreamRequested` |
| 49 | + |
| 50 | +In the interest of message size, `RawBitStreamRequested` is not set, indicating preference, when |
| 51 | +given the opportunity, for hashed measurements instead of raw measurements. In particular, certain |
| 52 | +raw measurements may only be examined for the purpose of debugging, whereas the hashed measurements |
| 53 | +are evaluated by the Verifier while the Responder is in production. |
| 54 | + |
| 55 | +### `NewMeasurementRequested` |
| 56 | + |
| 57 | +Presumably the Verifier evaluates the current state of the Responder and not its future state. As |
| 58 | +such `NewMeasurementRequested` is not set. |
0 commit comments