Request Monotonic Counter

RPMC Support Using eSPI OOB (eRPMC)

Architecture Specification

ID	Date	Version	Classification
739180	06/01/2025		Public

This command is used to request the Monotonic counter value.

RPMC Request Monotonic Counter OOB Command:

Byte #	7	6		5		4	3		2		1	0
0	eSPI Cycle Type: OOB Message=21h
1	Tag[3:0]=0h						Length[11:8]=0h
2	Length[7:0]=3Ah
3	Dest Slave Addr[7:1]=07h											0
4	Command Code=0Fh
5	Byte Count=37h
6	Source Slave Address[7:1]= 08h											1
7	MCTP Reserved=0h							Header Version
8	Destination Endpoint ID
9	Source Endpoint ID
10	SOM		EOM		Packet Seq #			TO		Message Tag
11	IC		Message Type=7Dh
12	RPMC Device
13	Opcode = 9Bh
14	Cmd Type = 03h
15	Counter Addr[7:0]
16	Rsvd=00h
17	Tag[95:88]
…	…
28	Tag[7:0]
29	Signature[255:248]
…	…
60	Signature[7:0]

Response:

Byte #	7	6		5		4	3		2		1	0
0	eSPI Cycle Type: OOB Message=21h
1	Tag[3:0]=0h						Length[11:8]=0h
2	Length[7:0]=3Ch
3	Dest Slave Addr[7:1]=08h											0
4	Command Code=0Fh
5	Byte Count=39h
6	Source Slave Address[7:1]= 07h											1
7	MCTP Reserved=0h							Header Version
8	Destination Endpoint ID
9	Source Endpoint ID
10	SOM		EOM		Packet Seq #			TO		Message Tag
11	IC		Message Type=7Dh
12	RPMC Device
13	Counter Addr[7:0]
14	Extended Status[7:0]
15	Tag[95:88]
…	…
26	Tag[7:0]
27	CounterReadData[31:24]
…	…
30	CounterReadData[7:0]
31	Signature[255:248]
…	…
62	Signature[7:0]

After the command is issued, the device ensures that the received transaction is error free. This includes checking following conditions:

RPMC message payload size is correct. (Including OP1 = 48 bytes)
Counter Address falls within the range of supported counters.
The Monotonic Counter corresponding to the requested Counter Address was previously initialized.
The HMAC Key Register corresponding to the requested Counter Address was previously initialized.
The requested Signature matches the HMAC-SHA-256 based signature computed based on received input parameters.
- HMAC Message[127:0] = (OpCode[7:0], CmdType[7:0]. CounterAddr[7:0]. Reserved[7:0], Tag[95:0]) we
- HMAC Key[255:0] = HMAC_Key_Register[Counter_Address][255:0]

If the received transaction is error free device successfully executes the command and posts “successful completion” extended status. In response to this command, the device reads the monotonic counter addressed by counter address. It calculates HMAC-SHA-256 signatures the second time, based on following parameters:

HMAC Message[127:0] = Tag [95:0], Counter_Data_Read[31:0]
HMAC Key[255:0] = HMAC_Key_Register[Counter_Address][255:0]

It loads the outgoing response buffer[383:0] with the resulting signature:

Outgoing response buffer[383: 288] = Tag[95:0].
Outgoing response buffer[287:256] = Counter_Data[31:0]
Outgoing response buffer[255:0] = Signature[255:0])

The tag, count value and signature are returned in the response to this command.

If the received transaction has errors, the device does not execute the transaction and posts the corresponding error in extended status.

Expected Extended Status [7:0] results:

Extended Status [7:0]	Applicable CmdType(s)	Description
10000000	03h	This status is set on successful completion (no errors) of OP1 command.
0XXXXXX1	03h	N/A. This bit cannot be read as 1.
0XXXX1XX	03h	This bit is set on Signature Mismatch, Counter Address out of range when correct payload size is received; or CmdType is out of range; or incorrect payload size is received.
0XXX1XXX	03h	This bit is set only when the correct payload size is received. This bit is set on HMAC Key Register (or Root Key register or Monotonic Counter) is uninitialized on previous OP1 command.
0X1XXXXX	-	Fatal Error, e.g., program fail, no valid counter found after initialization

Flow Diagram for Command:

Figure 3-5. Request Monotonic Counter