@@ -466,11 +466,38 @@ typedef struct {
466466/* SPDM GET_DIGESTS response */
467467typedef struct {
468468 spdm_message_header_t header ;
469- /* param1 == RSVD
470- * param2 == slot_mask
471- * uint8_t digest[digest_size][slot_count];*/
469+ /* param1 == RSVD (supported_slot_mask in 1.3)
470+ * param2 == slot_mask (provisioned_slot_mask in 1.3) determing slot_count
471+ * cert slot state:
472+ * 1) not exist: supported_slot_mask[slot_id] = 0
473+ * 2) exist and empty: supported_slot_mask[slot_id] = 1 && provisioned_slot_mask[slot_id] = 0
474+ * 3) exist with key: supported_slot_mask[slot_id] = 1 && provisioned_slot_mask[slot_id] = 1 && cert_model = 0
475+ * 4) exist with key/cert: supported_slot_mask[slot_id] = 1 && provisioned_slot_mask[slot_id] = 1 && cert_model = !0
476+ *
477+ * uint8_t digest[digest_size][slot_count];
478+ *
479+ * Below field is added in 1.3. Present if MULTI_KEY_CONN is 1.
480+ * spdm_key_pair_id_t key_pair_id[slot_count];
481+ * spdm_certificate_info_t certificate_info[slot_count];
482+ * spdm_key_usage_bit_mask_t key_usage_bit_mask[slot_count];*/
472483} spdm_digest_response_t ;
473484
485+ typedef uint8_t spdm_key_pair_id_t ;
486+
487+ typedef uint8_t spdm_certificate_info_t ;
488+ #define SPDM_CERTIFICATE_INFO_CERT_MODEL_MASK 0x7
489+ #define SPDM_CERTIFICATE_INFO_CERT_MODEL_NONE 0x0
490+ #define SPDM_CERTIFICATE_INFO_CERT_MODEL_DEVICE_CERT 0x1
491+ #define SPDM_CERTIFICATE_INFO_CERT_MODEL_ALIAS_CERT 0x2
492+ #define SPDM_CERTIFICATE_INFO_CERT_MODEL_GENERIC_CERT 0x4
493+
494+ typedef uint16_t spdm_key_usage_bit_mask_t ;
495+ #define SPDM_KEY_USAGE_BIT_MASK_KEY_EX_USE 0x1
496+ #define SPDM_KEY_USAGE_BIT_MASK_CHALLENGE_USE 0x2
497+ #define SPDM_KEY_USAGE_BIT_MASK_MEASUREMENT_USE 0x4
498+ #define SPDM_KEY_USAGE_BIT_MASK_ENDPOINT_INFO_USE 0x8
499+ #define SPDM_KEY_USAGE_BIT_MASK_STANDARDS_KEY_USE 0x4000
500+ #define SPDM_KEY_USAGE_BIT_MASK_VENDOR_KEY_USE 0x8000
474501
475502/* SPDM GET_CERTIFICATE request */
476503typedef struct {
0 commit comments