搜尋此網誌

2012年9月6日 星期四

TRUSTED RECEIVE(5Ch) - ATA Trusted Commands


TRUSTED RECEIVE (5Ch), PIO Data-In
This 28-bit command is mandatory for devices implementing the Trusted Computing feature set.
The TRUSTED RECEIVE command is used to retrieve security protocol information or the results from one or more TRUSTED SEND commands.
Any association between a previous TRUSTED SEND command and the data transferred by a TRUSTED RECEIVE command depends on the protocol specified by the Security Protocol field. If the device has no data to transfer (e.g., the results for any previous TRUSTED SEND commands are not yet available), the device may transfer data indicating it has no other data to transfer.
Indications of data overrun or underrun and the mechanism, if any, for processing retries depend on the protocol specified by the Security Protocol field. For Security Protocol field set to 00h, the format of the data is described in. The format of the data for other Security Protocol values is documented by the group that owns the associated Security Protocol value. The device shall retain data resulting from a TRUSTED SEND command awaiting retrieval by a TRUSTED RECEIVE command until one of the following events is processed:
A.             the data is delivered according to the  Security Protocol field (see table 67) specific rules for the TRUSTED RECEIVE command;
B.             any reset; or
C.             loss of communication with the host that sent the TRUSTED SEND command.
Inputs:
Register
7
6
5
4
3
2
1
0
Feature
Security Protocol
Sector Count
Transfer Length (7:0)
LBA Low(7:0)
Transfer Length (15:8)
LBA Mid(15:8)
SP Specific(7:0) - Security Protocol Specific
LBA High(23:16)
SP Specific(15:8) - Security Protocol Specific
Device
obs
N/A
obs
TD
LBA(27:24) Reserved
Command
5Ch
Transfer Length:The Transfer Length is security protocol specific
TD: Transport Dependent - All bits and fields that are labelled transport dependent are defined in the transport standards.

Generic Extended Normal Outputs:
Register
7
6
5
4
3
2
1
0
Error
Reserved
Sector Count
HOB = 0
Reserved
HOB = 1
Reserved
LBA Low
HOB = 0
Reserved
HOB = 1
Reserved
LBA Mid
HOB = 0
Reserved
HOB = 1
Reserved
LBA High
HOB = 0
Reserved
HOB = 1
Reserved
Device
obs
na
obs
TD
Reserved
Status
TD
TD
DF
na
TD
na
na
ERR

Security Protocol
The Security Protocol field identifies which security protocol is being used. This determines the format of the SP Specific field and of the data that is transferred. If the Security Protocol field is set to a reserved value, the device shall return command aborted.
TRUSTED RECEIVE Security Protocol field description table
Value
Description
00h
Return security protocol information
01h – 06h
Defined by TCG
07h – 1Fh
Reserved
20h
Reserved for T10
21h-EDh
Reserved
EEh
Defined by IEEE 1667
EFh
Reserved for T10
F0h – FFh
Vendor Specific.
The meaning of the SP Specific field is defined by each security protocol.

Security Protocol 00h - SP Specific field descriptions for Protocol 00h
SP Specific
Description
Support
0000h
Return supported security protocol list
Mandatory
0001h
Return a certificate
Mandatory
0002h-FFFFh
Reserved


Supported security protocols list description
When the Security Protocol field is set to 00h, and SP Specific is set to 0000h in a TRUSTED RECEIVE command, the parameter data shall have the format shown in table.
byte                              bit
7
6
5
4
3
2
1
0
0
Reserved
1
Reserved
2
Reserved
3
Reserved
4
Reserved
5
Reserved
6
List Length (M-7) bits (15:8)
7
List Length (M-7) bits (7:0)
8
Supported Security Protocol List

M
M+1
Pad bytes (if any)
511
The List Length field indicates the total length, in bytes, of the supported security protocol list.
The Supported Security Protocol List field shall contain a list of all supported Security Protocol field values. Each byte indicates a supported Security Protocol field value.  The values shall be in ascending order starting with 00h.
The total data length shall be 512 bytes. Pad bytes are appended as needed to meet this requirement. Pad bytes shall have a value of 00h.

Certificate data description
A certificate is either an X.509 Attribute Certificate or an X.509 Public Key Certificate depending on the capabilities of the device.
When the Security Protocol field of the TRUSTED RECEIVE command is set to 00h, and SP Specific is 0001h, the parameter data shall have the format shown in table 70.
byte                              bit
7
6
5
4
3
2
1
0
0
Reserved
1
Reserved
2
(MSB)       CERTIFICATE LENGTH (M - 3)
(LSB)
3
4

X.509 certificate bytes

M
M+1
Pad bytes (if any)
511
The CERTIFICATE LENGTH indicates the total length, in bytes, of the certificate(s).  This length includes one or more certificates. If the device has no certificate to return, the certificate length is set to 0000h and only the 4 byte header and 508 pad bytes are returned.
The total data length shall conform to the Transfer Length field requirements.

Public Key certificate description
RFC 3280 defines the certificate syntax for certificates consistent with the X.509v3 Public Key Certificate Specification.

Attribute certificate description
RFC 3281 defines the certificate syntax for certificates consistent with the X.509v2 Attribute Certificate Specification.

In the IDENTIFY DEVICE data of Word48:
Word
OM
SP
FV
Description
48
O
B

F
F

F
Trusted Computing feature set options
15  Shall be cleared to zero
14  Shall be set to one
13:1  Reserved for the Trusted Computing Group
0  1=Trusted Computing feature set is supported

沒有留言:

張貼留言