xref: /titanic_41/usr/src/cmd/lms/heci/PTHICommand.h (revision e4d060fb4c00d44cd578713eb9a921f594b733b8)
1 /*******************************************************************************
2  * Copyright (C) 2004-2008 Intel Corp. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions are met:
6  *
7  *  - Redistributions of source code must retain the above copyright notice,
8  *    this list of conditions and the following disclaimer.
9  *
10  *  - Redistributions in binary form must reproduce the above copyright notice,
11  *    this list of conditions and the following disclaimer in the documentation
12  *    and/or other materials provided with the distribution.
13  *
14  *  - Neither the name of Intel Corp. nor the names of its
15  *    contributors may be used to endorse or promote products derived from this
16  *    software without specific prior written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS''
19  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED. IN NO EVENT SHALL Intel Corp. OR THE CONTRIBUTORS
22  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28  * POSSIBILITY OF SUCH DAMAGE.
29  *******************************************************************************/
30 
31 //----------------------------------------------------------------------------
32 //
33 //  File:       PTHICommand.h
34 //
35 //  Contents:   header file of PTHICommand class
36 //
37 //----------------------------------------------------------------------------
38 #ifndef __PTHI_COMMAND_H__
39 #define __PTHI_COMMAND_H__
40 
41 #include "HECIUnix.h"
42 #include "StatusCodeDefinitions.h"
43 #include <list>
44 #include <string>
45 
46 #define CERT_HASH_MAX_LENGTH                    64
47 #define CERT_HASH_MAX_NUMBER                    23
48 #define NET_TLS_CERT_PKI_MAX_SERIAL_NUMS        3
49 #define NET_TLS_CERT_PKI_MAX_SERIAL_NUM_LENGTH  16
50 #define MPS_HOSTNAME_LENGTH                     256
51 
52 /*
53 * Constants
54 */
55 
56 static const UINT32 IDER_LOG_ENTRIES = 16;
57 
58 const UINT8 MAJOR_VERSION = 1;
59 const UINT8 MINOR_VERSION = 1;
60 const UINT8 AMT_MAJOR_VERSION = 1;
61 const UINT8 AMT_MINOR_VERSION = 1;
62 
63 typedef enum _CFG_PROVISIONING_MODE
64 {
65 	CFG_PROVISIONING_MODE_NONE = 0,
66 	CFG_PROVISIONING_MODE_ENTERPRISE,
67 	CFG_PROVISIONING_MODE_SMALL_BUSINESS,
68 	CFG_PROVISIONING_MODE_REMOTE_ASSISTANCE
69 } CFG_PROVISIONING_MODE;
70 
71 typedef enum _AMT_PROVISIONING_STATE
72 {
73 	PROVISIONING_STATE_PRE = 0,
74 	PROVISIONING_STATE_IN = 1,
75 	PROVISIONING_STATE_POST = 2
76 } AMT_PROVISIONING_STATE;
77 
78 typedef enum _AMT_FEATURE_STATE_REQUEST
79 {
80 	REDIRECTION_SESSION = 0,
81 	SYSTEM_DEFENSE = 1,
82 	WEB_UI = 2
83 } AMT_FEATURE_STATE_REQUEST;
84 
85 typedef enum _AMT_LAST_HOST_RESET_REASON
86 {
87 	RemoteControl = 0,
88 	Other = 1
89 } AMT_LAST_HOST_RESET_REASON;
90 
91 typedef enum _AMT_INTERFACE_INDEX
92 {
93 	WIRED = 0,
94 	WIRELESS = 1
95 } AMT_INTERFACE_INDEX;
96 
97 typedef enum _AMT_DHCP_IP_ADDRESS
98 {
99 	ACTIVE = 1,
100 	PASSIVE = 2
101 } AMT_DHCP_IP_MODE;
102 
103 typedef UINT32 CFG_IPv4_ADDRESS;
104 
105 static const UINT32 BIOS_VERSION_LEN = 65;
106 static const UINT32 VERSIONS_NUMBER = 50;
107 static const UINT32 UNICODE_STRING_LEN = 20;
108 
109 typedef enum _AMT_PROVISIONING_TLS_MODE
110 {
111 	NOT_READY = 0,
112 	PSK  = 1,
113 	PKI  = 2
114 } AMT_PROVISIONING_TLS_MODE;
115 
116 typedef enum _AMT_RNG_STATUS
117 {
118 	RNG_STATUS_EXIST  = 0,
119 	RNG_STATUS_IN_PROGRESS = 1,
120 	RNG_STATUS_NOT_EXIST = 2
121 } AMT_RNG_STATUS;
122 
123 #pragma pack(1)
124 
125 typedef struct _AMT_UNICODE_STRING
126 {
127 	UINT16 Length;
128 	UINT8 String[UNICODE_STRING_LEN];
129 } AMT_UNICODE_STRING;
130 
131 typedef struct _AMT_VERSION_TYPE
132 {
133 	AMT_UNICODE_STRING Description;
134 	AMT_UNICODE_STRING Version;
135 } AMT_VERSION_TYPE;
136 
137 typedef struct _PTHI_VERSION
138 {
139 	UINT8 MajorNumber;
140 	UINT8 MinorNumber;
141 } PTHI_VERSION;
142 
143 typedef struct _CODE_VERSIONS
144 {
145 	UINT8 BiosVersion[BIOS_VERSION_LEN];
146 	UINT32 VersionsCount;
147 	AMT_VERSION_TYPE Versions[VERSIONS_NUMBER];
148 } CODE_VERSIONS;
149 
150 typedef struct _COMMAND_FMT
151 {
152 	union
153 	{
154 		UINT32 val;
155 		struct
156 		{
157 			UINT32 Operation : 23;
158 			UINT32 IsResponse : 1;
159 			UINT32 Class : 8;
160 		} fields;
161 	} cmd;
162 
163 } COMMAND_FMT;
164 
165 typedef struct _AMT_ANSI_STRING
166 {
167 	UINT16 Length;
168 	CHAR  *Buffer;
169 } AMT_ANSI_STRING;
170 
171 typedef struct _PTHI_MESSAGE_HEADER
172 {
173 	PTHI_VERSION Version;
174 	UINT16 Reserved;
175 	COMMAND_FMT Command;
176 	UINT32 Length;
177 } PTHI_MESSAGE_HEADER;
178 
179 typedef struct _PTHI_RESPONSE_MESSAGE_HEADER
180 {
181 	PTHI_MESSAGE_HEADER Header;
182 	AMT_STATUS Status;
183 } PTHI_RESPONSE_MESSAGE_HEADER;
184 
185 typedef struct _CFG_GET_CODE_VERSIONS_RESPONSE
186 {
187 	PTHI_RESPONSE_MESSAGE_HEADER Header;
188 	CODE_VERSIONS CodeVersions;
189 } CFG_GET_CODE_VERSIONS_RESPONSE;
190 
191 typedef struct _CFG_GET_PROVISIONING_MODE_RESPONSE
192 {
193 	PTHI_RESPONSE_MESSAGE_HEADER Header;
194 	CFG_PROVISIONING_MODE ProvisioningMode;
195 	AMT_BOOLEAN LegacyMode;
196 } CFG_GET_PROVISIONING_MODE_RESPONSE;
197 
198 typedef struct _CFG_GET_PROVISIONING_STATE_RESPONSE
199 {
200 	PTHI_RESPONSE_MESSAGE_HEADER Header;
201 	AMT_PROVISIONING_STATE ProvisioningState;
202 } CFG_GET_PROVISIONING_STATE_RESPONSE;
203 
204 typedef struct _CFG_GET_FEATURES_STATE_REQUEST
205 {
206 	PTHI_MESSAGE_HEADER Header;
207 	UINT32 RequestID;
208 } CFG_GET_FEATURES_STATE_REQUEST;
209 
210 typedef struct _GET_FEATURES_REDIRECTION_SESSION_STATUS
211 {
212 	AMT_BOOLEAN IderOpen;
213 	AMT_BOOLEAN SolOpen;
214 	AMT_BOOLEAN Reserved;
215 } GET_FEATURES_REDIRECTION_SESSION_STATUS;
216 
217 typedef struct _GET_FEATURES_SYSTEM_DEFENSE_STATE_RESPONSE
218 {
219 	AMT_BOOLEAN SystemDefenseActivated;
220 } GET_FEATURES_SYSTEM_DEFENSE_STATUS_RESPONSE;
221 
222 typedef struct _GET_FEATURES_WEB_UI_STATE_RESPONSE
223 {
224 	AMT_BOOLEAN WebUiEnabled;
225 } GET_FEATURES_WEB_UI_STATUS_RESPONSE;
226 
227 typedef union _FEATURES_STATUS_DATA
228 {
229 	GET_FEATURES_REDIRECTION_SESSION_STATUS rs;
230 	GET_FEATURES_SYSTEM_DEFENSE_STATUS_RESPONSE sd;
231 	GET_FEATURES_WEB_UI_STATUS_RESPONSE webUI;
232 } FEATURES_STATUS_DATA;
233 
234 typedef struct _CFG_GET_FEATURES_STATE_RESPONSE
235 {
236 	PTHI_RESPONSE_MESSAGE_HEADER Header;
237 	UINT32 RequestID;
238 	FEATURES_STATUS_DATA Data;
239 } CFG_GET_FEATURES_STATE_RESPONSE;
240 
241 typedef struct _CFG_GET_CURRENT_POWER_POLICY_REQUEST
242 {
243 	PTHI_MESSAGE_HEADER Header;
244 } CFG_GET_CURRENT_POWER_POLICY_REQUEST;
245 
246 typedef struct _CFG_GET_CURRENT_POWER_POLICY_RESPONSE
247 {
248 	PTHI_RESPONSE_MESSAGE_HEADER Header;
249 	AMT_ANSI_STRING PolicyName;
250 } CFG_GET_CURRENT_POWER_POLICY_RESPONSE;
251 
252 typedef struct _CFG_GET_LAST_HOST_RESET_REASON_REQUEST
253 {
254 	PTHI_MESSAGE_HEADER Header;
255 } CFG_GET_LAST_HOST_RESET_REASON_REQUEST;
256 
257 typedef struct _CFG_GET_LAST_HOST_RESET_REASON_RESPONSE
258 {
259 	PTHI_RESPONSE_MESSAGE_HEADER Header;
260 	UINT32 Reason;
261 	UINT32 RemoteControlTimeStamp;
262 } CFG_GET_LAST_HOST_RESET_REASON_RESPONSE;
263 
264 typedef struct _LAN_SETTINGS
265 {
266 	AMT_BOOLEAN Enabled;
267 	CFG_IPv4_ADDRESS Ipv4Address;
268 	AMT_BOOLEAN DhcpEnabled;
269 	UINT8 DhcpIpMode;
270 	UINT8 LinkStatus;
271 	UINT8 MacAddress[6];
272 } LAN_SETTINGS;
273 
274 typedef struct _CFG_GET_LAN_INTERFACE_SETTINGS_REQUEST
275 {
276 	PTHI_MESSAGE_HEADER Header;
277 	UINT32 InterfaceIndex;
278 } CFG_GET_LAN_INTERFACE_SETTINGS_REQUEST;
279 
280 typedef struct _CFG_GET_LAN_INTERFACE_SETTINGS_RESPONSE
281 {
282 	PTHI_RESPONSE_MESSAGE_HEADER Header;
283 	AMT_BOOLEAN Enabled;
284 	CFG_IPv4_ADDRESS Ipv4Address;
285 	AMT_BOOLEAN DhcpEnabled;
286 	UINT8 DhcpIpMode;
287 	UINT8 LinkStatus;
288 	UINT8 MacAddress[6];
289 } CFG_GET_LAN_INTERFACE_SETTINGS_RESPONSE;
290 
291 typedef struct _CFG_GET_SECURITY_PARAMETERS_REQUEST
292 {
293 	PTHI_MESSAGE_HEADER Header;
294 } CFG_GET_SECURITY_PARAMETERS_REQUEST;
295 
296 typedef struct _CFG_GET_SECURITY_PARAMETERS_RESPONSE
297 {
298 	PTHI_RESPONSE_MESSAGE_HEADER Header;
299 	AMT_BOOLEAN EnterpriseMode;
300 	AMT_BOOLEAN TLSEnabled;
301 	AMT_BOOLEAN HWCryptoEnabled;
302 	AMT_PROVISIONING_STATE ProvisioningState;
303 	AMT_BOOLEAN NetworkInterfaceEnabled;
304 	AMT_BOOLEAN SOLEnabled;
305 	AMT_BOOLEAN IDEREnabled;
306 	AMT_BOOLEAN FWUpdateEnabled;
307 	AMT_BOOLEAN LinkIsUp;
308 	AMT_BOOLEAN Reserved[8];
309 } CFG_GET_SECURITY_PARAMETERS_RESPONSE;
310 
311 typedef struct _CFG_GET_DNS_SUFFIX_LIST_REQUEST
312 {
313 	PTHI_MESSAGE_HEADER Header;
314 } CFG_GET_DNS_SUFFIX_LIST_REQUEST;
315 
316 typedef struct _CFG_GET_DNS_SUFFIX_LIST_RESPONSE
317 {
318 	PTHI_RESPONSE_MESSAGE_HEADER Header;
319 	UINT16 DataLength;
320 	UINT8 Data[0];
321 } CFG_GET_DNS_SUFFIX_LIST_RESPONSE;
322 
323 /**
324  * CFG_SET_ENTERPRISE_ACCESS_REQUEST
325  *
326  * Flags	Bit 0 - If this bit is set then HostIPAddress is IPv6, otherwise HostIPAddress is IPv4 address.
327  *          Bits 1..7 - Reserved, should be zero.
328  * HostIPAddress	IPv4 / IPv6 address
329  * EnterpriseAccess	1 if LMS has access to enterprise network, otherwise 0.
330  */
331 typedef struct _CFG_SET_ENTERPRISE_ACCESS_REQUEST
332 {
333 	PTHI_MESSAGE_HEADER Header;
334 	UINT8 Flags;
335 	UINT8 HostIPAddress[16];
336 	UINT8 EnterpriseAccess;
337 } CFG_SET_ENTERPRISE_ACCESS_REQUEST;
338 
339 typedef struct _CFG_SET_ENTERPRISE_ACCESS_RESPONSE
340 {
341 	PTHI_RESPONSE_MESSAGE_HEADER Header;
342 } CFG_SET_ENTERPRISE_ACCESS_RESPONSE;
343 
344 typedef struct _CFG_OPEN_USER_INITIATED_CONNECTION_REQUEST
345 {
346 	PTHI_MESSAGE_HEADER     Header;
347 } CFG_OPEN_USER_INITIATED_CONNECTION_REQUEST;
348 
349 typedef struct _CFG_OPEN_USER_INITIATED_CONNECTION_RESPONSE
350 {
351 	PTHI_RESPONSE_MESSAGE_HEADER     Header;
352 } CFG_OPEN_USER_INITIATED_CONNECTION_RESPONSE;
353 
354 typedef struct _CFG_CLOSE_USER_INITIATED_CONNECTION_REQUEST
355 {
356 	PTHI_MESSAGE_HEADER     Header;
357 } CFG_CLOSE_USER_INITIATED_CONNECTION_REQUEST;
358 
359 typedef struct _CFG_CLOSE_USER_INITIATED_CONNECTION_RESPONSE
360 {
361 	PTHI_RESPONSE_MESSAGE_HEADER     Header;
362 } CFG_CLOSE_USER_INITIATED_CONNECTION_RESPONSE;
363 
364 typedef enum
365 {
366 	AMT_NETWORK_CONNECTION_DIRECT = 0,
367 	AMT_NETWORK_CONNECTION_VPN,
368 	AMT_NETWORK_CONNECTION_OUTSIDE_ENTERPRISE
369 } AMT_NETWORK_CONNECTION_STATUS;
370 
371 typedef enum
372 {
373 	REMOTE_ACCESS_CONNECTION_STATUS_NOT_CONNECTED = 0,
374 	REMOTE_ACCESS_CONNECTION_STATUS_CONNECTING,
375 	REMOTE_ACCESS_CONNECTION_STATUS_CONNECTED
376 } REMOTE_ACCESS_CONNECTION_STATUS;
377 
378 typedef enum
379 {
380 	REMOTE_ACCESS_CONNECTION_TRIGGER_USER_INITIATED = 0,
381 	REMOTE_ACCESS_CONNECTION_TRIGGER_ALERT,
382 	REMOTE_ACCESS_CONNECTION_TRIGGER_PROVISIONING,
383 	REMOTE_ACCESS_CONNECTION_TRIGGER_PERIODIC
384 } REMOTE_ACCESS_CONNECTION_TRIGGER;
385 
386 typedef struct _CFG_GET_REMOTE_ACCESS_CONNECTION_STATUS_REQUEST
387 {
388 	PTHI_MESSAGE_HEADER     Header;
389 } CFG_GET_REMOTE_ACCESS_CONNECTION_STATUS_REQUEST;
390 
391 typedef struct _CFG_GET_REMOTE_ACCESS_CONNECTION_STATUS_RESPONSE
392 {
393 	PTHI_RESPONSE_MESSAGE_HEADER     Header;
394 	AMT_NETWORK_CONNECTION_STATUS    AmtNetworkConnectionStatus;
395 	REMOTE_ACCESS_CONNECTION_STATUS  RemoteAccessConnectionStatus;
396 	REMOTE_ACCESS_CONNECTION_TRIGGER RemoteAccessConnectionTrigger;
397 	AMT_ANSI_STRING MpsHostname;
398 } CFG_GET_REMOTE_ACCESS_CONNECTION_STATUS_RESPONSE;
399 
400 typedef struct _REMOTE_ACCESS_STATUS
401 {
402 	AMT_NETWORK_CONNECTION_STATUS    AmtNetworkConnectionStatus;
403 	REMOTE_ACCESS_CONNECTION_STATUS  RemoteAccessConnectionStatus;
404 	REMOTE_ACCESS_CONNECTION_TRIGGER RemoteAccessConnectionTrigger;
405 	AMT_ANSI_STRING MpsHostname;
406 } REMOTE_ACCESS_STATUS;
407 
408 
409 typedef UINT8 AMT_UUID[16];
410 
411 const AMT_UUID AMT_UUID_LINK_STATE =
412 	{0x00, 0x00, 0x00, 0x00,
413 	 0x00, 0x00, 0x00, 0x00,
414 	 0x00, 0x00, 0x00, 0x00,
415 	 0x00, 0x00, 0x00, 0x01};
416 
417 typedef struct _STATE_DATA
418 {
419 	UINT8 LinkStatus; // (0 - down; 1 - up)
420 	UINT8 HardSKU;
421 	UINT8 CryptoFuse; // (0 -  disabled; 1 - enabled)
422 	UINT8 FlashProtaction; // (0 - disabled; 1 - enabled)
423 	UINT8 LastMEResetReason;
424 } STATE_DATA;
425 
426 typedef struct _STATE_GET_AMT_STATE_REQUEST
427 {
428 	PTHI_MESSAGE_HEADER Header;
429 	AMT_UUID StateVariableIdentifier;
430 } STATE_GET_AMT_STATE_REQUEST;
431 
432 typedef struct _STATE_GET_AMT_STATE_RESPONSE
433 {
434 	PTHI_RESPONSE_MESSAGE_HEADER Header;
435 	AMT_UUID      StateDataIdentifier;
436 	UINT32        ByteCount;
437 	STATE_DATA    StateData;
438 } STATE_GET_AMT_STATE_RESPONSE;
439 
440 
441 typedef struct _AMT_HASH_HANDLES
442 {
443 	UINT32	Length;
444 	UINT32	Handles[CERT_HASH_MAX_NUMBER];
445 } AMT_HASH_HANDLES;
446 
447 typedef struct _CERTHASH_ENTRY
448 {
449 	AMT_BOOLEAN     IsDefault;
450 	AMT_BOOLEAN     IsActive;
451 	UINT8           CertificateHash[CERT_HASH_MAX_LENGTH];
452 	UINT8           HashAlgorithm;
453 	AMT_ANSI_STRING Name;
454 } CERTHASH_ENTRY;
455 
456 typedef enum
457 {
458 	CERT_HASH_ALGORITHM_MD5 = 0,  // 16 bytes
459 	CERT_HASH_ALGORITHM_SHA1,     // 20 bytes
460 	CERT_HASH_ALGORITHM_SHA256,   // 32 bytes
461 	CERT_HASH_ALGORITHM_SHA512    // 64 bytes
462 } CERT_HASH_ALGORITHM;
463 
464 typedef struct
465 {
466 	UINT16      Year;
467 	UINT16      Month;
468 	UINT16      DayOfWeek;
469 	UINT16      Day;
470 	UINT16      Hour;
471 	UINT16      Minute;
472 	UINT16      Second;
473 } TIME_DATE;
474 
475 typedef struct _AMT_PROV_AUDIT_RECORD
476 {
477 	UINT8                ProvisioningTLSMode;
478 	AMT_BOOLEAN          SecureDNS;
479 	AMT_BOOLEAN          HostInitiated;
480 	CERT_HASH_ALGORITHM  SelectedHashType;
481 	UINT8                SelectedHashData[CERT_HASH_MAX_LENGTH];
482 	UINT8                CaCertificateSerials[NET_TLS_CERT_PKI_MAX_SERIAL_NUMS*NET_TLS_CERT_PKI_MAX_SERIAL_NUM_LENGTH];
483 	AMT_BOOLEAN          AdditionalCaSerialNums;
484 	AMT_BOOLEAN          IsOemDefault;
485 	AMT_BOOLEAN          IsTimeValid;
486 	UINT32               ProvServerIP;
487 	TIME_DATE            TlsStartTime;
488 	AMT_ANSI_STRING      ProvServerFQDN;
489 } AMT_PROV_AUDIT_RECORD;
490 
491 typedef struct _CFG_GENERATE_RNG_SEED_RESPONSE
492 {
493 	PTHI_RESPONSE_MESSAGE_HEADER Header;
494 } CFG_GENERATE_RNG_SEED_RESPONSE;
495 
496 typedef struct _CFG_GET_RNG_SEED_STATUS_RESPONSE
497 {
498 	PTHI_RESPONSE_MESSAGE_HEADER Header;
499 	AMT_RNG_STATUS RngStatus;
500 } CFG_GET_RNG_SEED_STATUS_RESPONSE;
501 
502 typedef struct _CFG_GET_ZERO_TOUCH_ENABLED_RESPONSE
503 {
504 	PTHI_RESPONSE_MESSAGE_HEADER Header;
505 	AMT_BOOLEAN ZeroTouchEnabled;
506 } CFG_GET_ZERO_TOUCH_ENABLED_RESPONSE;
507 
508 typedef struct _CFG_GET_PROVISIONING_TLS_MODE_RESPONSE
509 {
510 	PTHI_RESPONSE_MESSAGE_HEADER Header;
511 	AMT_PROVISIONING_TLS_MODE ProvisioningTlsMode;
512 } CFG_GET_PROVISIONING_TLS_MODE_RESPONSE;
513 
514 typedef struct _CFG_START_CONFIGURATION_RESPONSE
515 {
516 	PTHI_RESPONSE_MESSAGE_HEADER Header;
517 } CFG_START_CONFIGURATION_RESPONSE;
518 
519 typedef struct _CFG_SET_PROVISIONING_SERVER_OTP_RESPONSE
520 {
521 	PTHI_RESPONSE_MESSAGE_HEADER Header;
522 } CFG_SET_PROVISIONING_SERVER_OTP_RESPONSE;
523 
524 typedef struct _CFG_SET_DNS_SUFFIX_RESPONSE
525 {
526 	PTHI_RESPONSE_MESSAGE_HEADER Header;
527 } CFG_SET_DNS_SUFFIX_RESPONSE;
528 
529 typedef struct _CFG_GET_HASH_HANDLES_RESPONSE
530 {
531 	PTHI_RESPONSE_MESSAGE_HEADER Header;
532 	AMT_HASH_HANDLES HashHandles;
533 } CFG_GET_HASH_HANDLES_RESPONSE;
534 
535 typedef struct _CFG_GET_CERTHASH_ENTRY_REQUEST
536 {
537 	PTHI_MESSAGE_HEADER Header;
538 	UINT32 HashHandle;
539 } CFG_GET_CERTHASH_ENTRY_REQUEST;
540 
541 typedef struct _CFG_GET_CERTHASH_ENTRY_RESPONSE
542 {
543 	PTHI_RESPONSE_MESSAGE_HEADER Header;
544 	CERTHASH_ENTRY Hash;
545 } CFG_GET_CERTHASH_ENTRY_RESPONSE;
546 
547 typedef struct _CFG_GET_PKI_FQDN_SUFFIX_RESPONSE
548 {
549 	PTHI_RESPONSE_MESSAGE_HEADER Header;
550 	AMT_ANSI_STRING Suffix;
551 } CFG_GET_PKI_FQDN_SUFFIX_RESPONSE;
552 
553 #pragma pack()
554 
555 class PTHICommand
556 {
557 public:
558 	PTHICommand(bool verbose = false, unsigned long sendTimeout = 2000);
559 	~PTHICommand();
560 
561 	AMT_STATUS GetCodeVersions(CODE_VERSIONS &codeVersions);
562 	AMT_STATUS GetProvisioningMode(CFG_PROVISIONING_MODE &provisioningMode);
563 	AMT_STATUS GetProvisioningMode(CFG_PROVISIONING_MODE &provisioningMode, AMT_BOOLEAN &legacy);
564 	AMT_STATUS GetProvisioningState(AMT_PROVISIONING_STATE &state);
565 	AMT_STATUS GetFeaturesState(UINT32 requestID, AMT_BOOLEAN (&requestStatus)[2]);
566 	AMT_STATUS GetLastHostResetReason(UINT32 &Reason, UINT32 &RemoteControlTimeStamp);
567 	AMT_STATUS GetCurrentPowerPolicy(AMT_ANSI_STRING &policyName);
568 	AMT_STATUS GetLanInterfaceSettings(UINT32 interfaceSettings, LAN_SETTINGS &lanSettings);
569 	AMT_STATUS GetHeciVersion(HECI_VERSION &hecVersion);
570 	AMT_STATUS GetTLSEnabled(AMT_BOOLEAN &tlsEnabled);
571 	AMT_STATUS GetDNSSuffixList(std::list<std::string> &dnsSuffixList);
572 	AMT_STATUS SetEnterpriseAccess(UINT8 Flags, UINT8 HostIPAddress[16], UINT8 EnterpriseAccess);
573 	AMT_STATUS GetFWResetReason(UINT8 &MEResetReason);
574 	AMT_STATUS OpenUserInitiatedConnection();
575 	AMT_STATUS CloseUserInitiatedConnection();
576 	AMT_STATUS GetRemoteAccessConnectionStatus(REMOTE_ACCESS_STATUS &remoteAccessStatus);
577 	AMT_STATUS GenerateRngKey();
578 	AMT_STATUS GetRngSeedStatus(AMT_RNG_STATUS &rngStatus);
579 	AMT_STATUS GetZeroTouchEnabled(AMT_BOOLEAN &zeroTouchEnabled);
580 	AMT_STATUS GetProvisioningTlsMode(AMT_PROVISIONING_TLS_MODE &provisioningTlsMode);
581 	AMT_STATUS StartConfiguration();
582 	AMT_STATUS SetProvisioningServerOTP(AMT_ANSI_STRING passwordOTP);
583 	AMT_STATUS SetDnsSuffix(AMT_ANSI_STRING dnsSuffix);
584 	AMT_STATUS EnumerateHashHandles(AMT_HASH_HANDLES &hashHandles);
585 	AMT_STATUS GetCertificateHashEntry(UINT32 hashHandle, CERTHASH_ENTRY &hashEntry);
586 	AMT_STATUS GetDnsSuffix(AMT_ANSI_STRING &dnsSuffix);
587 
588 	HECILinux PTHIClient;
589 
590 private:
591 	AMT_STATUS _call(const unsigned char *command, UINT32 command_size, UINT8 **readBuffer, UINT32 rcmd, unsigned int expSize = 0);
592 	AMT_STATUS _verifyResponseHeader(const UINT32 command, const PTHI_MESSAGE_HEADER &response_header, UINT32 response_size);
593 	AMT_STATUS _verifyCodeVersions(const CFG_GET_CODE_VERSIONS_RESPONSE &response);
594 	AMT_STATUS _verifyCurrentPowerPolicy(const CFG_GET_CURRENT_POWER_POLICY_RESPONSE &response);
595 	AMT_STATUS _verifyGetDNSSuffixList(const CFG_GET_DNS_SUFFIX_LIST_RESPONSE &response);
596 	AMT_STATUS _verifyRemoteAccessConnectionStatus(const CFG_GET_REMOTE_ACCESS_CONNECTION_STATUS_RESPONSE &response);
597 	AMT_STATUS _verifyHashHandles(const CFG_GET_HASH_HANDLES_RESPONSE &response);
598 	AMT_STATUS _verifyGetCertificateHashEntry(const CFG_GET_CERTHASH_ENTRY_RESPONSE &response);
599 	AMT_STATUS _verifyGetDnsSuffix(const CFG_GET_PKI_FQDN_SUFFIX_RESPONSE &response);
600 
601 	unsigned long m_sendTimeout;
602 };
603 
604 /*
605 * Constants
606 */
607 
608 
609 const UINT32 CODE_VERSIONS_REQUEST     = 0x0400001A;
610 const UINT32 CODE_VERSIONS_RESPONSE    = 0x0480001A;
611 
612 const PTHI_MESSAGE_HEADER GET_CODE_VERSION_HEADER = {
613 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{CODE_VERSIONS_REQUEST}}, 0
614 };
615 
616 const UINT32 PROVISIONING_MODE_REQUEST     = 0x04000008;
617 const UINT32 PROVISIONING_MODE_RESPONSE    = 0x04800008;
618 
619 const PTHI_MESSAGE_HEADER GET_PROVISIONING_MODE_HEADER = {
620 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{PROVISIONING_MODE_REQUEST}}, 0
621 };
622 
623 const UINT32 PROVISIONING_STATE_REQUEST    = 0x04000011;
624 const UINT32 PROVISIONING_STATE_RESPONSE   = 0x04800011;
625 
626 const PTHI_MESSAGE_HEADER GET_PROVISIONING_STATE_HEADER = {
627 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{PROVISIONING_STATE_REQUEST}}, 0
628 };
629 
630 const UINT32 GET_FEATURES_STATE_REQUEST		= 0x04000049;
631 const UINT32 GET_FEATURES_STATE_RESPONSE	= 0x04800049;
632 
633 const PTHI_MESSAGE_HEADER GET_FEATURES_STATE_HEADER = {
634 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_FEATURES_STATE_REQUEST}}, (sizeof(CFG_GET_FEATURES_STATE_REQUEST) - sizeof(PTHI_MESSAGE_HEADER))
635 };
636 
637 const UINT32 GET_CURRENT_POWER_POLICY_REQUEST	= 0x04000047;
638 const UINT32 GET_CURRENT_POWER_POLICY_RESPONSE	= 0x04800047;
639 
640 const PTHI_MESSAGE_HEADER GET_CURRENT_POWER_POLICY_HEADER = {
641 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_CURRENT_POWER_POLICY_REQUEST}}, 0
642 };
643 
644 const UINT32 GET_LAST_HOST_RESET_REASON_REQUEST		= 0x0400004A;
645 const UINT32 GET_LAST_HOST_RESET_REASON_RESPONSE	= 0x0480004A;
646 
647 const PTHI_MESSAGE_HEADER GET_LAST_HOST_RESET_REASON_HEADER = {
648 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_LAST_HOST_RESET_REASON_REQUEST}}, 0
649 };
650 
651 const UINT32 GET_LAN_INTERFACE_SETTINGS_REQUEST		= 0x04000048;
652 const UINT32 GET_LAN_INTERFACE_SETTINGS_RESPONSE	= 0x04800048;
653 
654 const PTHI_MESSAGE_HEADER GET_LAN_INTERFACE_SETTINGS_HEADER = {
655 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_LAN_INTERFACE_SETTINGS_REQUEST}}, (sizeof(CFG_GET_LAN_INTERFACE_SETTINGS_REQUEST) - sizeof(PTHI_MESSAGE_HEADER))
656 };
657 
658 const UINT32 GET_SECURITY_PARAMETERS_REQUEST	=0x0400001B;
659 const UINT32 GET_SECURITY_PARAMETERS_RESPONSE	=0x0480001B;
660 
661 const PTHI_MESSAGE_HEADER GET_SECURITY_PARAMETERS_HEADER = {
662 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_SECURITY_PARAMETERS_REQUEST}}, 0
663 };
664 
665 const UINT32 GET_DNS_SUFFIX_LIST_REQUEST        = 0x0400003E;
666 const UINT32 GET_DNS_SUFFIX_LIST_RESPONSE       = 0x0480003E;
667 
668 const PTHI_MESSAGE_HEADER GET_DNS_SUFFIX_LIST_HEADER = {
669 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_DNS_SUFFIX_LIST_REQUEST}}, 0
670 };
671 
672 const UINT32 SET_ENTERPRISE_ACCESS_REQUEST   = 0x0400003F;
673 const UINT32 SET_ENTERPRISE_ACCESS_RESPONSE  = 0x0480003F;
674 
675 const PTHI_MESSAGE_HEADER SET_ENTERPRISE_ACCESS_HEADER = {
676 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{SET_ENTERPRISE_ACCESS_REQUEST}}, (sizeof(CFG_SET_ENTERPRISE_ACCESS_REQUEST) - sizeof(PTHI_MESSAGE_HEADER))
677 };
678 
679 const UINT32 OPEN_USER_INITIATED_CONNECTION_REQUEST    = 0x04000044;
680 const UINT32 OPEN_USER_INITIATED_CONNECTION_RESPONSE   = 0x04800044;
681 
682 const PTHI_MESSAGE_HEADER OPEN_USER_INITIATED_CONNECTION_HEADER = {
683 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{OPEN_USER_INITIATED_CONNECTION_REQUEST}}, 0
684 };
685 
686 const UINT32 CLOSE_USER_INITIATED_CONNECTION_REQUEST   = 0x04000045;
687 const UINT32 CLOSE_USER_INITIATED_CONNECTION_RESPONSE  = 0x04800045;
688 
689 const PTHI_MESSAGE_HEADER CLOSE_USER_INITIATED_CONNECTION_HEADER = {
690 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{CLOSE_USER_INITIATED_CONNECTION_REQUEST}}, 0
691 };
692 
693 const UINT32 GET_REMOTE_ACCESS_CONNECTION_STATUS_REQUEST       = 0x04000046;
694 const UINT32 GET_REMOTE_ACCESS_CONNECTION_STATUS_RESPONSE      = 0x04800046;
695 
696 const PTHI_MESSAGE_HEADER GET_REMOTE_ACCESS_CONNECTION_STATUS_HEADER = {
697 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_REMOTE_ACCESS_CONNECTION_STATUS_REQUEST}}, 0
698 };
699 
700 const UINT32 GET_AMT_STATE_REQUEST         = 0x01000001;
701 const UINT32 GET_AMT_STATE_RESPONSE        = 0x01800001;
702 
703 const PTHI_MESSAGE_HEADER GET_AMT_STATE_HEADER = {
704 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_AMT_STATE_REQUEST}}, sizeof(AMT_UUID)
705 };
706 
707 const UINT32 GENERATE_RNG_SEED_REQUEST    = 0x04000028;
708 const UINT32 GENERATE_RNG_SEED_RESPONSE   = 0x04800028;
709 
710 const PTHI_MESSAGE_HEADER GENERATE_RNG_SEED_HEADER = {
711 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GENERATE_RNG_SEED_REQUEST}}, 0
712 };
713 
714 const UINT32 GET_RNG_SEED_STATUS_REQUEST    = 0x0400002E;
715 const UINT32 GET_RNG_SEED_STATUS_RESPONSE   = 0x0480002E;
716 
717 const PTHI_MESSAGE_HEADER GET_RNG_SEED_STATUS_HEADER = {
718 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_RNG_SEED_STATUS_REQUEST}}, 0
719 };
720 
721 const UINT32 GET_ZERO_TOUCH_ENABLED_REQUEST    = 0x04000030;
722 const UINT32 GET_ZERO_TOUCH_ENABLED_RESPONSE   = 0x04800030;
723 
724 const PTHI_MESSAGE_HEADER GET_ZERO_TOUCH_ENABLED_HEADER = {
725 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_ZERO_TOUCH_ENABLED_REQUEST}}, 0
726 };
727 
728 const UINT32 GET_PROVISIONING_TLS_MODE_REQUEST     = 0x0400002B;
729 const UINT32 GET_PROVISIONING_TLS_MODE_RESPONSE    = 0x0480002B;
730 
731 const PTHI_MESSAGE_HEADER GET_PROVISIONING_TLS_MODE_HEADER = {
732 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_PROVISIONING_TLS_MODE_REQUEST}}, 0
733 };
734 
735 const UINT32 START_CONFIGURATION_REQUEST     = 0x04000029;
736 const UINT32 START_CONFIGURATION_RESPONSE    = 0x04800029;
737 
738 const PTHI_MESSAGE_HEADER START_CONFIGURATION_HEADER = {
739 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{START_CONFIGURATION_REQUEST}}, 0
740 };
741 
742 const UINT32 SET_PROVISIONING_SERVER_OTP_REQUEST     = 0x0400002A;
743 const UINT32 SET_PROVISIONING_SERVER_OTP_RESPONSE    = 0x0480002A;
744 
745 const UINT32 SET_DNS_SUFFIX_REQUEST     = 0x0400002F;
746 const UINT32 SET_DNS_SUFFIX_RESPONSE    = 0x0480002F;
747 
748 const UINT32 ENUMERATE_HASH_HANDLES_REQUEST     = 0x0400002C;
749 const UINT32 ENUMERATE_HASH_HANDLES_RESPONSE    = 0x0480002C;
750 
751 const PTHI_MESSAGE_HEADER ENUMERATE_HASH_HANDLES_HEADER = {
752 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{ENUMERATE_HASH_HANDLES_REQUEST}}, 0
753 };
754 
755 const UINT32 GET_CERTHASH_ENTRY_REQUEST     = 0x0400002D;
756 const UINT32 GET_CERTHASH_ENTRY_RESPONSE    = 0x0480002D;
757 
758 const PTHI_MESSAGE_HEADER GET_CERTHASH_ENTRY_HEADER = {
759 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_CERTHASH_ENTRY_REQUEST}}, sizeof(UINT32)
760 };
761 
762 const UINT32 GET_PKI_FQDN_SUFFIX_REQUEST    = 0x04000036;
763 const UINT32 GET_PKI_FQDN_SUFFIX_RESPONSE   = 0x04800036;
764 
765 const PTHI_MESSAGE_HEADER GET_PKI_FQDN_SUFFIX_HEADER = {
766 	{AMT_MAJOR_VERSION, AMT_MINOR_VERSION}, 0, {{GET_PKI_FQDN_SUFFIX_REQUEST}}, 0
767 };
768 
769 #endif
770 
771