ResourceDefinition
uris
/redfish/v1/ComponentIntegrity/component_integrity_id
properties
| 名称 | 类型 | 是否只读 | 取值范围/枚举值 | 说明 |
|---|---|---|---|---|
| @odata.context | string | true | ComponentIntegrity资源模型的OData描述信息 | |
| @odata.id | string | true | ComponentIntegrity资源节点的访问路径 | |
| @odata.type | string | true | ComponentIntegrity资源类型 | |
| Id | string | true | ComponentIntegrity资源的ID | |
| Name | string | true | ComponentIntegrity资源的名称 | |
| Description | string | true | ComponentIntegrity资源的描述 | |
| ComponentIntegrityType | string | true | SPDM | 上报本完整性报告所使用的安全技术类型 |
| ComponentIntegrityTypeVersion | string | true | 上报本完整性报告所使用的安全技术的版本号 | |
| LastUpdated | string | true | 完整性报告最后刷新时间 | |
| TargetComponentURI | string | true | 指向一个提供本报告中完整性信息的资源的链接 | |
| SPDM | object | true | 本资源基于SPDM协议呈现的完整性信息 | |
| SPDM.IdentityAuthentication | object | true | 身份认证相关信息 | |
| SPDM.IdentityAuthentication.ResponderAuthentication | object | true | 响应者的认证信息 | |
| SPDM.IdentityAuthentication.ResponderAuthentication.ComponentCertificate | object | true | 响应者证书集合资源 | |
| SPDM.IdentityAuthentication.ResponderAuthentication.ComponentCertificate.@odata.id | string | true | 响应者证书集合资源访问路径 | |
| SPDM.MeasurementSet | object | true | 响应者的测量信息 | |
| SPDM.MeasurementSet.MeasurementSpecification | string | true | DMTF | 请求方与响应方之间协商的测量规范 |
| SPDM.MeasurementSet.MeasurementSummaryType | string | true | TCB | 测量摘要的类型 |
| SPDM.MeasurementSet.MeasurementSummaryHashAlgorithm | string | true | 测量摘要使用的哈希算法 | |
| SPDM.MeasurementSet.MeasurementSummary | string | true | 测量摘要 | |
| SPDM.MeasurementSet.Measurements | array | true | 响应者的测量块集合 | |
| SPDM.MeasurementSet.Measurements[].MeasurementIndex | number | true | 测量块的索引 | |
| SPDM.MeasurementSet.Measurements[].MeasurementHashAlgorithm | string | true | 用于计算该测量块的hash算法 | |
| SPDM.MeasurementSet.Measurements[].Measurement | string | true | 测量值 | |
| SPDM.MeasurementSet.Measurements[].LastUpdated | string | true | 本测量块的最后更新时间 | |
| SPDM.MeasurementSet.Measurements[].PartofSummaryHash | boolean | true | 该块是否为属于计算SummaryHash时使用的度量块的一部分 | |
| SPDM.MeasurementSet.Measurements[].MeasurementType | string | true | FirmwareConfiguration、HardwareConfiguration、ImmutableROM、MeasurementManifest、MutableFirmware、MutableFirmwareSecurityVersionNumber、MutableFirmwareVersion | 该测量块所代表的数据类型或特征。仅当MeasurementSpecification为DMTF时,才会呈现本属性 |
| SPDM.MeasurementSet.Measurements[].SecurityVersionNumber | string | true | 测量值所代表的安全版本号。仅当MeasurementSpecification为DMTF且MeasurementType为MutableFirmwareSecurityVersionNumber时,才会呈现本属性 | |
| Status | object | true | 完整性报告资源状态 | |
| Status.State | string | true | 是否使能 | |
| Status.Health | string | true | 健康状态 |
supported_methods
- GET
- POST
HTTP methods
GET
命令功能
查询组件完整性报告单个资源信息
命令格式
URL: https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id
请求头:
X-Auth-Token: 123456789***********************请求消息体: 无
参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| device_ip | 登录设备的IP地址 | IPv4或IPv6地址 |
| component_integrity_id | 指定完整性报告的ID | 可通过完整性报告集合资源获得 |
| auth_value | 执行该请求时,必须在"Headers"中携带"X-Auth-Token"值用于鉴权 | 可通过/redfish/v1/SessionService/Sessions创建会话时获得 |
使用指南
BMC300 5.12.0.1及以上版本支持
使用实例
请求样例:
GET https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id请求头:
X-Auth-Token: 123456789***********************请求消息体:无
响应样例:
{
"@odata.context": "/redfish/v1/$metadata#ComponentIntegrity.ComponentIntegrity",
"@odata.id": "/redfish/v1/ComponentIntegrity/SPDM_0_1",
"@odata.type": "#ComponentIntegrity.ComponentIntegrity",
"Id": "SPDM_0_1",
"Name": "Component Integrity",
"Description": "SPDM Integrity Information for Controller_1 reported by SPDM_0",
"ComponentIntegrityType": "SPDM",
"ComponentIntegrityTypeVersion": "1.0",
"LastUpdated": "1970-01-01T00:00:55Z",
"TargetComponentURI": "/redfish/v1/Systems/1/Storages/RAIDStorage0",
"SPDM": {
"IdentityAuthentication": {
"ResponderAuthentication": {
"ComponentCertificate": {
"@odata.id": "/redfish/v1/Chassis/1/TrustedComponents/SPDM_0/Certificates"
}
}
},
"MeasurementSet": {
"MeasurementSpecification": "DMTF",
"MeasurementSummaryType": "TCB",
"MeasurementSummaryHashAlgorithm": "TPM_ALG_SHA_256",
"MeasurementSummary": "0101010101010101010101010101010101010101010101010101010101010101",
"Measurements": [
{
"MeasurementIndex": 1,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000000",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
},
{
"MeasurementIndex": 2,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000001",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
},
{
"MeasurementIndex": 3,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000002",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
}
]
}
},
"Status": {
"State": "Enabled",
"Health": "OK"
},
"Actions": {
"#ComponentIntegrity.SPDMGetSignedMeasurements": {
"target": "/redfish/v1/ComponentIntegrity/SPDM_0_1/Actions/ComponentIntegrity.SPDMGetSignedMeasurements",
"@Redfish.ActionInfo": "/redfish/v1/ComponentIntegrity/SPDM_0_1/SPDMGetSignedMeasurementsActionInfo"
}
}
}响应码:200
POST (ACTION)
SPDMGetSignedMeasurements
命令功能
基于SPDM协议获取组件签名测量值
命令格式
URL: https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id/Actions/ComponentIntegrity.SPDMGetSignedMeasurements
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"MeasurementIndices": measurement_indices,
"SlotId": slot_id,
"Nonce": nonce
}请求头参数说明
参见 请求头参数说明
请求体参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| component_integrity_id | 指定完整性报告的ID | 可通过完整性报告集合资源获得 |
| measurement_indices | 请求测量块的数组 | 非必需参数,可选填如下几个使用方式: 1、[1~254] 中的一个或多个唯一值 2、[255] 3、无此参数,默认使用[255] |
| slot_id | 签名使用的证书槽位ID | 非必需参数,可选填如下几个使用方式: 1、0~7:指定使用特定槽位标识符的证书 2、无此参数,默认使用 0 |
| nonce | 挑战随机数 | 非必需参数,可选填如下几个使用方式: 1、有此参数时,需要遵循规则:`^[0-9a-fA-F] |
ResourceDefinition
uris
/redfish/v1/ComponentIntegrity/component_integrity_id
properties
| 名称 | 类型 | 是否只读 | 取值范围/枚举值 | 说明 |
|---|---|---|---|---|
| @odata.context | string | true | ComponentIntegrity资源模型的OData描述信息 | |
| @odata.id | string | true | ComponentIntegrity资源节点的访问路径 | |
| @odata.type | string | true | ComponentIntegrity资源类型 | |
| Id | string | true | ComponentIntegrity资源的ID | |
| Name | string | true | ComponentIntegrity资源的名称 | |
| Description | string | true | ComponentIntegrity资源的描述 | |
| ComponentIntegrityType | string | true | SPDM | 上报本完整性报告所使用的安全技术类型 |
| ComponentIntegrityTypeVersion | string | true | 上报本完整性报告所使用的安全技术的版本号 | |
| LastUpdated | string | true | 完整性报告最后刷新时间 | |
| TargetComponentURI | string | true | 指向一个提供本报告中完整性信息的资源的链接 | |
| SPDM | object | true | 本资源基于SPDM协议呈现的完整性信息 | |
| SPDM.IdentityAuthentication | object | true | 身份认证相关信息 | |
| SPDM.IdentityAuthentication.ResponderAuthentication | object | true | 响应者的认证信息 | |
| SPDM.IdentityAuthentication.ResponderAuthentication.ComponentCertificate | object | true | 响应者证书集合资源 | |
| SPDM.IdentityAuthentication.ResponderAuthentication.ComponentCertificate.@odata.id | string | true | 响应者证书集合资源访问路径 | |
| SPDM.MeasurementSet | object | true | 响应者的测量信息 | |
| SPDM.MeasurementSet.MeasurementSpecification | string | true | DMTF | 请求方与响应方之间协商的测量规范 |
| SPDM.MeasurementSet.MeasurementSummaryType | string | true | TCB | 测量摘要的类型 |
| SPDM.MeasurementSet.MeasurementSummaryHashAlgorithm | string | true | 测量摘要使用的哈希算法 | |
| SPDM.MeasurementSet.MeasurementSummary | string | true | 测量摘要 | |
| SPDM.MeasurementSet.Measurements | array | true | 响应者的测量块集合 | |
| SPDM.MeasurementSet.Measurements[].MeasurementIndex | number | true | 测量块的索引 | |
| SPDM.MeasurementSet.Measurements[].MeasurementHashAlgorithm | string | true | 用于计算该测量块的hash算法 | |
| SPDM.MeasurementSet.Measurements[].Measurement | string | true | 测量值 | |
| SPDM.MeasurementSet.Measurements[].LastUpdated | string | true | 本测量块的最后更新时间 | |
| SPDM.MeasurementSet.Measurements[].PartofSummaryHash | boolean | true | 该块是否为属于计算SummaryHash时使用的度量块的一部分 | |
| SPDM.MeasurementSet.Measurements[].MeasurementType | string | true | FirmwareConfiguration、HardwareConfiguration、ImmutableROM、MeasurementManifest、MutableFirmware、MutableFirmwareSecurityVersionNumber、MutableFirmwareVersion | 该测量块所代表的数据类型或特征。仅当MeasurementSpecification为DMTF时,才会呈现本属性 |
| SPDM.MeasurementSet.Measurements[].SecurityVersionNumber | string | true | 测量值所代表的安全版本号。仅当MeasurementSpecification为DMTF且MeasurementType为MutableFirmwareSecurityVersionNumber时,才会呈现本属性 | |
| Status | object | true | 完整性报告资源状态 | |
| Status.State | string | true | 是否使能 | |
| Status.Health | string | true | 健康状态 |
supported_methods
- GET
- POST
HTTP methods
GET
命令功能
查询组件完整性报告单个资源信息
命令格式
URL: https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id
请求头:
X-Auth-Token: 123456789***********************请求消息体: 无
参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| device_ip | 登录设备的IP地址 | IPv4或IPv6地址 |
| component_integrity_id | 指定完整性报告的ID | 可通过完整性报告集合资源获得 |
| auth_value | 执行该请求时,必须在"Headers"中携带"X-Auth-Token"值用于鉴权 | 可通过/redfish/v1/SessionService/Sessions创建会话时获得 |
使用指南
BMC300 5.12.0.1及以上版本支持
使用实例
请求样例:
GET https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id请求头:
X-Auth-Token: 123456789***********************请求消息体:无
响应样例:
{
"@odata.context": "/redfish/v1/$metadata#ComponentIntegrity.ComponentIntegrity",
"@odata.id": "/redfish/v1/ComponentIntegrity/SPDM_0_1",
"@odata.type": "#ComponentIntegrity.ComponentIntegrity",
"Id": "SPDM_0_1",
"Name": "Component Integrity",
"Description": "SPDM Integrity Information for Controller_1 reported by SPDM_0",
"ComponentIntegrityType": "SPDM",
"ComponentIntegrityTypeVersion": "1.0",
"LastUpdated": "1970-01-01T00:00:55Z",
"TargetComponentURI": "/redfish/v1/Systems/1/Storages/RAIDStorage0",
"SPDM": {
"IdentityAuthentication": {
"ResponderAuthentication": {
"ComponentCertificate": {
"@odata.id": "/redfish/v1/Chassis/1/TrustedComponents/SPDM_0/Certificates"
}
}
},
"MeasurementSet": {
"MeasurementSpecification": "DMTF",
"MeasurementSummaryType": "TCB",
"MeasurementSummaryHashAlgorithm": "TPM_ALG_SHA_256",
"MeasurementSummary": "0101010101010101010101010101010101010101010101010101010101010101",
"Measurements": [
{
"MeasurementIndex": 1,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000000",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
},
{
"MeasurementIndex": 2,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000001",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
},
{
"MeasurementIndex": 3,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000002",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
}
]
}
},
"Status": {
"State": "Enabled",
"Health": "OK"
},
"Actions": {
"#ComponentIntegrity.SPDMGetSignedMeasurements": {
"target": "/redfish/v1/ComponentIntegrity/SPDM_0_1/Actions/ComponentIntegrity.SPDMGetSignedMeasurements",
"@Redfish.ActionInfo": "/redfish/v1/ComponentIntegrity/SPDM_0_1/SPDMGetSignedMeasurementsActionInfo"
}
}
}响应码:200
POST (ACTION)
SPDMGetSignedMeasurements
命令功能
基于SPDM协议获取组件签名测量值
命令格式
URL: https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id/Actions/ComponentIntegrity.SPDMGetSignedMeasurements
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"MeasurementIndices": measurement_indices,
"SlotId": slot_id,
"Nonce": nonce
}请求头参数说明
参见 请求头参数说明
请求体参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| component_integrity_id | 指定完整性报告的ID | 可通过完整性报告集合资源获得 |
| measurement_indices | 请求测量块的数组 | 非必需参数,可选填如下几个使用方式: 1、[1~254] 中的一个或多个唯一值 2、[255] 3、无此参数,默认使用[255] |
| slot_id | 签名使用的证书槽位ID | 非必需参数,可选填如下几个使用方式: 1、0~7:指定使用特定槽位标识符的证书 2、无此参数,默认使用 0 |
| nonce | 挑战随机数 | 非必需参数,可选填如下几个使用方式: 1、有此参数时,需要遵循规则: 2、无此参数时,自行生成随机数,需要遵循规则:`^[0-9a-fA-F] |
ResourceDefinition
uris
/redfish/v1/ComponentIntegrity/component_integrity_id
properties
| 名称 | 类型 | 是否只读 | 取值范围/枚举值 | 说明 |
|---|---|---|---|---|
| @odata.context | string | true | ComponentIntegrity资源模型的OData描述信息 | |
| @odata.id | string | true | ComponentIntegrity资源节点的访问路径 | |
| @odata.type | string | true | ComponentIntegrity资源类型 | |
| Id | string | true | ComponentIntegrity资源的ID | |
| Name | string | true | ComponentIntegrity资源的名称 | |
| Description | string | true | ComponentIntegrity资源的描述 | |
| ComponentIntegrityType | string | true | SPDM | 上报本完整性报告所使用的安全技术类型 |
| ComponentIntegrityTypeVersion | string | true | 上报本完整性报告所使用的安全技术的版本号 | |
| LastUpdated | string | true | 完整性报告最后刷新时间 | |
| TargetComponentURI | string | true | 指向一个提供本报告中完整性信息的资源的链接 | |
| SPDM | object | true | 本资源基于SPDM协议呈现的完整性信息 | |
| SPDM.IdentityAuthentication | object | true | 身份认证相关信息 | |
| SPDM.IdentityAuthentication.ResponderAuthentication | object | true | 响应者的认证信息 | |
| SPDM.IdentityAuthentication.ResponderAuthentication.ComponentCertificate | object | true | 响应者证书集合资源 | |
| SPDM.IdentityAuthentication.ResponderAuthentication.ComponentCertificate.@odata.id | string | true | 响应者证书集合资源访问路径 | |
| SPDM.MeasurementSet | object | true | 响应者的测量信息 | |
| SPDM.MeasurementSet.MeasurementSpecification | string | true | DMTF | 请求方与响应方之间协商的测量规范 |
| SPDM.MeasurementSet.MeasurementSummaryType | string | true | TCB | 测量摘要的类型 |
| SPDM.MeasurementSet.MeasurementSummaryHashAlgorithm | string | true | 测量摘要使用的哈希算法 | |
| SPDM.MeasurementSet.MeasurementSummary | string | true | 测量摘要 | |
| SPDM.MeasurementSet.Measurements | array | true | 响应者的测量块集合 | |
| SPDM.MeasurementSet.Measurements[].MeasurementIndex | number | true | 测量块的索引 | |
| SPDM.MeasurementSet.Measurements[].MeasurementHashAlgorithm | string | true | 用于计算该测量块的hash算法 | |
| SPDM.MeasurementSet.Measurements[].Measurement | string | true | 测量值 | |
| SPDM.MeasurementSet.Measurements[].LastUpdated | string | true | 本测量块的最后更新时间 | |
| SPDM.MeasurementSet.Measurements[].PartofSummaryHash | boolean | true | 该块是否为属于计算SummaryHash时使用的度量块的一部分 | |
| SPDM.MeasurementSet.Measurements[].MeasurementType | string | true | FirmwareConfiguration、HardwareConfiguration、ImmutableROM、MeasurementManifest、MutableFirmware、MutableFirmwareSecurityVersionNumber、MutableFirmwareVersion | 该测量块所代表的数据类型或特征。仅当MeasurementSpecification为DMTF时,才会呈现本属性 |
| SPDM.MeasurementSet.Measurements[].SecurityVersionNumber | string | true | 测量值所代表的安全版本号。仅当MeasurementSpecification为DMTF且MeasurementType为MutableFirmwareSecurityVersionNumber时,才会呈现本属性 | |
| Status | object | true | 完整性报告资源状态 | |
| Status.State | string | true | 是否使能 | |
| Status.Health | string | true | 健康状态 |
supported_methods
- GET
- POST
HTTP methods
GET
命令功能
查询组件完整性报告单个资源信息
命令格式
URL: https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id
请求头:
X-Auth-Token: 123456789***********************请求消息体: 无
参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| device_ip | 登录设备的IP地址 | IPv4或IPv6地址 |
| component_integrity_id | 指定完整性报告的ID | 可通过完整性报告集合资源获得 |
| auth_value | 执行该请求时,必须在"Headers"中携带"X-Auth-Token"值用于鉴权 | 可通过/redfish/v1/SessionService/Sessions创建会话时获得 |
使用指南
BMC300 5.12.0.1及以上版本支持
使用实例
请求样例:
GET https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id请求头:
X-Auth-Token: 123456789***********************请求消息体:无
响应样例:
{
"@odata.context": "/redfish/v1/$metadata#ComponentIntegrity.ComponentIntegrity",
"@odata.id": "/redfish/v1/ComponentIntegrity/SPDM_0_1",
"@odata.type": "#ComponentIntegrity.ComponentIntegrity",
"Id": "SPDM_0_1",
"Name": "Component Integrity",
"Description": "SPDM Integrity Information for Controller_1 reported by SPDM_0",
"ComponentIntegrityType": "SPDM",
"ComponentIntegrityTypeVersion": "1.0",
"LastUpdated": "1970-01-01T00:00:55Z",
"TargetComponentURI": "/redfish/v1/Systems/1/Storages/RAIDStorage0",
"SPDM": {
"IdentityAuthentication": {
"ResponderAuthentication": {
"ComponentCertificate": {
"@odata.id": "/redfish/v1/Chassis/1/TrustedComponents/SPDM_0/Certificates"
}
}
},
"MeasurementSet": {
"MeasurementSpecification": "DMTF",
"MeasurementSummaryType": "TCB",
"MeasurementSummaryHashAlgorithm": "TPM_ALG_SHA_256",
"MeasurementSummary": "0101010101010101010101010101010101010101010101010101010101010101",
"Measurements": [
{
"MeasurementIndex": 1,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000000",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
},
{
"MeasurementIndex": 2,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000001",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
},
{
"MeasurementIndex": 3,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000002",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
}
]
}
},
"Status": {
"State": "Enabled",
"Health": "OK"
},
"Actions": {
"#ComponentIntegrity.SPDMGetSignedMeasurements": {
"target": "/redfish/v1/ComponentIntegrity/SPDM_0_1/Actions/ComponentIntegrity.SPDMGetSignedMeasurements",
"@Redfish.ActionInfo": "/redfish/v1/ComponentIntegrity/SPDM_0_1/SPDMGetSignedMeasurementsActionInfo"
}
}
}响应码:200
POST (ACTION)
SPDMGetSignedMeasurements
命令功能
基于SPDM协议获取组件签名测量值
命令格式
URL: https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id/Actions/ComponentIntegrity.SPDMGetSignedMeasurements
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"MeasurementIndices": measurement_indices,
"SlotId": slot_id,
"Nonce": nonce
}请求头参数说明
参见 请求头参数说明
请求体参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| component_integrity_id | 指定完整性报告的ID | 可通过完整性报告集合资源获得 |
| measurement_indices | 请求测量块的数组 | 非必需参数,可选填如下几个使用方式: 1、[1~254] 中的一个或多个唯一值 2、[255] 3、无此参数,默认使用[255] |
| slot_id | 签名使用的证书槽位ID | 非必需参数,可选填如下几个使用方式: 1、0~7:指定使用特定槽位标识符的证书 2、无此参数,默认使用 0 |
| nonce | 挑战随机数 | 非必需参数,可选填如下几个使用方式: 1、有此参数时,需要遵循规则:`^[0-9a-fA-F] |
ResourceDefinition
uris
/redfish/v1/ComponentIntegrity/component_integrity_id
properties
| 名称 | 类型 | 是否只读 | 取值范围/枚举值 | 说明 |
|---|---|---|---|---|
| @odata.context | string | true | ComponentIntegrity资源模型的OData描述信息 | |
| @odata.id | string | true | ComponentIntegrity资源节点的访问路径 | |
| @odata.type | string | true | ComponentIntegrity资源类型 | |
| Id | string | true | ComponentIntegrity资源的ID | |
| Name | string | true | ComponentIntegrity资源的名称 | |
| Description | string | true | ComponentIntegrity资源的描述 | |
| ComponentIntegrityType | string | true | SPDM | 上报本完整性报告所使用的安全技术类型 |
| ComponentIntegrityTypeVersion | string | true | 上报本完整性报告所使用的安全技术的版本号 | |
| LastUpdated | string | true | 完整性报告最后刷新时间 | |
| TargetComponentURI | string | true | 指向一个提供本报告中完整性信息的资源的链接 | |
| SPDM | object | true | 本资源基于SPDM协议呈现的完整性信息 | |
| SPDM.IdentityAuthentication | object | true | 身份认证相关信息 | |
| SPDM.IdentityAuthentication.ResponderAuthentication | object | true | 响应者的认证信息 | |
| SPDM.IdentityAuthentication.ResponderAuthentication.ComponentCertificate | object | true | 响应者证书集合资源 | |
| SPDM.IdentityAuthentication.ResponderAuthentication.ComponentCertificate.@odata.id | string | true | 响应者证书集合资源访问路径 | |
| SPDM.MeasurementSet | object | true | 响应者的测量信息 | |
| SPDM.MeasurementSet.MeasurementSpecification | string | true | DMTF | 请求方与响应方之间协商的测量规范 |
| SPDM.MeasurementSet.MeasurementSummaryType | string | true | TCB | 测量摘要的类型 |
| SPDM.MeasurementSet.MeasurementSummaryHashAlgorithm | string | true | 测量摘要使用的哈希算法 | |
| SPDM.MeasurementSet.MeasurementSummary | string | true | 测量摘要 | |
| SPDM.MeasurementSet.Measurements | array | true | 响应者的测量块集合 | |
| SPDM.MeasurementSet.Measurements[].MeasurementIndex | number | true | 测量块的索引 | |
| SPDM.MeasurementSet.Measurements[].MeasurementHashAlgorithm | string | true | 用于计算该测量块的hash算法 | |
| SPDM.MeasurementSet.Measurements[].Measurement | string | true | 测量值 | |
| SPDM.MeasurementSet.Measurements[].LastUpdated | string | true | 本测量块的最后更新时间 | |
| SPDM.MeasurementSet.Measurements[].PartofSummaryHash | boolean | true | 该块是否为属于计算SummaryHash时使用的度量块的一部分 | |
| SPDM.MeasurementSet.Measurements[].MeasurementType | string | true | FirmwareConfiguration、HardwareConfiguration、ImmutableROM、MeasurementManifest、MutableFirmware、MutableFirmwareSecurityVersionNumber、MutableFirmwareVersion | 该测量块所代表的数据类型或特征。仅当MeasurementSpecification为DMTF时,才会呈现本属性 |
| SPDM.MeasurementSet.Measurements[].SecurityVersionNumber | string | true | 测量值所代表的安全版本号。仅当MeasurementSpecification为DMTF且MeasurementType为MutableFirmwareSecurityVersionNumber时,才会呈现本属性 | |
| Status | object | true | 完整性报告资源状态 | |
| Status.State | string | true | 是否使能 | |
| Status.Health | string | true | 健康状态 |
supported_methods
- GET
- POST
HTTP methods
GET
命令功能
查询组件完整性报告单个资源信息
命令格式
URL: https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id
请求头:
X-Auth-Token: 123456789***********************请求消息体: 无
参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| device_ip | 登录设备的IP地址 | IPv4或IPv6地址 |
| component_integrity_id | 指定完整性报告的ID | 可通过完整性报告集合资源获得 |
| auth_value | 执行该请求时,必须在"Headers"中携带"X-Auth-Token"值用于鉴权 | 可通过/redfish/v1/SessionService/Sessions创建会话时获得 |
使用指南
BMC300 5.12.0.1及以上版本支持
使用实例
请求样例:
GET https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id请求头:
X-Auth-Token: 123456789***********************请求消息体:无
响应样例:
{
"@odata.context": "/redfish/v1/$metadata#ComponentIntegrity.ComponentIntegrity",
"@odata.id": "/redfish/v1/ComponentIntegrity/SPDM_0_1",
"@odata.type": "#ComponentIntegrity.ComponentIntegrity",
"Id": "SPDM_0_1",
"Name": "Component Integrity",
"Description": "SPDM Integrity Information for Controller_1 reported by SPDM_0",
"ComponentIntegrityType": "SPDM",
"ComponentIntegrityTypeVersion": "1.0",
"LastUpdated": "1970-01-01T00:00:55Z",
"TargetComponentURI": "/redfish/v1/Systems/1/Storages/RAIDStorage0",
"SPDM": {
"IdentityAuthentication": {
"ResponderAuthentication": {
"ComponentCertificate": {
"@odata.id": "/redfish/v1/Chassis/1/TrustedComponents/SPDM_0/Certificates"
}
}
},
"MeasurementSet": {
"MeasurementSpecification": "DMTF",
"MeasurementSummaryType": "TCB",
"MeasurementSummaryHashAlgorithm": "TPM_ALG_SHA_256",
"MeasurementSummary": "0101010101010101010101010101010101010101010101010101010101010101",
"Measurements": [
{
"MeasurementIndex": 1,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000000",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
},
{
"MeasurementIndex": 2,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000001",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
},
{
"MeasurementIndex": 3,
"MeasurementHashAlgorithm": "TPM_ALG_SHA_256",
"Measurement": "0000000000000000000000000000000000000000000000000000000000000002",
"LastUpdated": "1970-01-01T00:00:55Z",
"PartofSummaryHash": true,
"MeasurementType": "FirmwareConfiguration"
}
]
}
},
"Status": {
"State": "Enabled",
"Health": "OK"
},
"Actions": {
"#ComponentIntegrity.SPDMGetSignedMeasurements": {
"target": "/redfish/v1/ComponentIntegrity/SPDM_0_1/Actions/ComponentIntegrity.SPDMGetSignedMeasurements",
"@Redfish.ActionInfo": "/redfish/v1/ComponentIntegrity/SPDM_0_1/SPDMGetSignedMeasurementsActionInfo"
}
}
}响应码:200
POST (ACTION)
SPDMGetSignedMeasurements
命令功能
基于SPDM协议获取组件签名测量值
命令格式
URL: https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id/Actions/ComponentIntegrity.SPDMGetSignedMeasurements
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"MeasurementIndices": measurement_indices,
"SlotId": slot_id,
"Nonce": nonce
}请求头参数说明
参见 请求头参数说明
请求体参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| component_integrity_id | 指定完整性报告的ID | 可通过完整性报告集合资源获得 |
| measurement_indices | 请求测量块的数组 | 非必需参数,可选填如下几个使用方式: 1、[1~254] 中的一个或多个唯一值 2、[255] 3、无此参数,默认使用[255] |
| slot_id | 签名使用的证书槽位ID | 非必需参数,可选填如下几个使用方式: 1、0~7:指定使用特定槽位标识符的证书 2、无此参数,默认使用 0 |
| nonce | 挑战随机数 | 非必需参数,可选填如下几个使用方式: 1、有此参数时,需要遵循规则: 2、无此参数时,自行生成随机数,需要遵循规则: |
使用指南
BMC300 5.12.0.1及以上版本支持
使用实例
请求样例:
POST https://device_ip/redfish/v1/ComponentIntegrity/component_integrity_id/Actions/ComponentIntegrity.SPDMGetSignedMeasurements请求头:
X-Auth-Token: 123456789***********************
Content-Type: application/json请求消息体:
{
"MeasurementIndices": [
1,
2,
3
],
"SlotId": 0,
"Nonce": "000102030405060708090A0B0C0D0E0F101112131415161718191a1b1c1d1e1f"
}响应样例:
{
"error": {
"code": "Base.1.0.GeneralError",
"message": "A general error has occurred. See ExtendedInfo for more information.",
"@Message.ExtendedInfo": [
{
"Certificate": {
"@odata.id": "/redfish/v1/Chassis/1/TrustedComponents/SPDM_0/Certificates/1"
},
"Version": "1.0",
"HashingAlgorithm": "TPM_ALG_SHA_256",
"SigningAlgorithm": "TPM_ALG_RSAPSS_2048",
"SignedMeasurements": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB",
"@odata.type": "#Message.v1_0_0.Message",
"MessageId": "Base.1.0.Success",
"RelatedProperties": [],
"Message": "Successfully Completed Request",
"MessageArgs": [],
"Severity": "OK",
"Resolution": "None"
}
]
}
}响应码:200