The DPU BMC attestation process enables secure verification of device identity and firmware integrity using standardized protocols. This implementation leverages SPDM (Security Protocol and Data Models) over MCTP (Management Component Transport Protocol) to provide remote attestation capabilities via the Redfish API.
Redfish Commands
For detailed information about the DPU attestation process, measurement descriptions, and reference values, refer to the DPU Attestation documentation.
Get ComponentIntegrity Collection
curl -k -u root:'<password>' -H "Content-Type: application/json" -X GET https://<bmc ip>/redfish/v1/ComponentIntegrity
This command returns a collection of all attestation targets in the system.
In DPU BMC, the available attestation targets are:
-
Bluefield_DPU_IRoT– The BlueField IRoT (Initial Root of Trust), a Platform Security Controller (PSC) that stores measurements related to the Arm and NIC components -
Bluefield_ERoT– The BlueField BMC ERoT (External Root of Trust), which contains measurements related to the DPU BMC
Get Certificate Chain of Specific Attestation Target
curl -k -u root:'<password>' -H "Content-Type: application/json" -X GET https://<bmc ip>/redfish/v1/Chassis/<target-id>/Certificates/CertChain
This command retrieves the certificate chain for a specific attestation target. The response is a JSON structure containing the entire certificate chain, which can be used to verify the authenticity of the component.
Get Measurements from Attestation Target
# 1. Request all available measurements
curl -k -u root:'<password>' -H "Content-Type: application/json" -X POST \
https://<bmc ip>/redfish/v1/ComponentIntegrity/<target id>/Actions/ComponentIntegrity.SPDMGetSignedMeasurements
# 2. Request specific measurements
curl -k -u root:'<password>' -H "Content-Type: application/json" -X POST \
-d '{"SlotId": 0, "MeasurementIndices": [2,5], "Nonce": "d42a0594c5cd5743ee08fe5ec3cf884b1fac4f106879cda98b7d1c51652b04b7"}' \
https://<bmc ip>/redfish/v1/ComponentIntegrity/HGX_IRoT_NIC_0/Actions/ComponentIntegrity.SPDMGetSignedMeasurements
This command retrieves signed measurements from the specified component.
Parameters:
-
Nonce
-
Description: A unique, randomly generated value used to prevent replay attacks.
-
Format: 32-byte (64-character) hexadecimal string.
-
Usage:
-
Must be generated and provided by the client for each request.
-
Ensures that each request is fresh and secure.
-
-
-
Certificate Slot ID
-
Description: Indicates which slot contains the certificate chain used for signing.
-
Supported Value:
0 -
Default:
0 -
Note: Only Slot 0 is supported, which holds the NVIDIA certificate chain.
-
-
Measurement Indices
-
Description: Specifies the measurement indices to request.
-
Format: Array of integers.
-
Default: If omitted,
0xFFis used to request all available measurements.
-
Handling the Response
This operation is asynchronous and returns a task object rather than the measurement data itself.
Example response:
{
"@odata.id": "/redfish/v1/TaskService/Tasks/0",
"@odata.type": "#Task.v1_4_3.Task",
"Id": "<id>",
"TaskState": "Running",
"TaskStatus": "OK"
}
Monitoring Task Progress
Periodically check the task until completion using:
curl -k -u root:'<password>' -H "Content-Type: application/json" \
-X GET https://<bmc ip>/redfish/v1/TaskService/Tasks/<id>
A completed task appears as
{
...
"PercentComplete": 100,
...
"TaskState": "Completed",
"TaskStatus": "OK"
}
Get Measurements Response Data
curl -k -u root:'<password>' -H "Content-Type: application/json" -X GET \
https://<bmc ip>/redfish/v1/ComponentIntegrity/<target id>/Actions/ComponentIntegrity.SPDMGetSignedMeasurements/data
This command retrieves the signed measurement data previously requested via the SPDMGetSignedMeasurements action.
Example output:
{
"HashingAlgorithm": "TPM_ALG_SHA_512",
"SignedMeasurements": "<base64 encoded measurements>",
"SigningAlgorithm": "TPM_ALG_ECDSA_ECC_NIST_P384",
"Version": "1.1.0"
}
Redfish Event Log
Each time a new Get Measurements command is issued, a Redfish event log entry is generated.
Example entry:
{
"@odata.id": "/redfish/v1/Systems/Bluefield/LogServices/EventLog/Entries/<id>",
"@odata.type": "#LogEntry.v1_15_0.LogEntry",
"Created": "<date>",
"EntryType": "Event",
"Id": "<id>",
"Message": "Redfish attestation measurements POST request received",
"Modified": "<date>",
"Name": "System Event Log Entry",
"Resolved": false,
"Severity": "OK"
}
Last updated: