1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_common_lib.h"
8 : #include "internal/libspdm_secured_message_lib.h"
9 : #include "internal/libspdm_fips_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
/* first section: secure message */
/**
 * Offset of the secure-message section inside the scratch buffer.
 *
 * @param spdm_context  SPDM context (not read by this function).
 *
 * @return Always 0: this is the first section.
 **/
uint32_t libspdm_get_scratch_buffer_secure_message_offset(libspdm_context_t *spdm_context)
{
    /* First section, so nothing precedes it and the offset is constant. */
    const uint32_t offset = 0;

    return offset;
}
16 :
/**
 * Capacity of the secure-message section of the scratch buffer.
 *
 * @param spdm_context  SPDM context whose local capability fields are read.
 *
 * @return Local max_spdm_msg_size + transport_header_size + transport_tail_size.
 **/
uint32_t libspdm_get_scratch_buffer_secure_message_capacity(libspdm_context_t *spdm_context)
{
    uint32_t capacity;

    /* NOTE(review): the sum is returned as uint32_t and no overflow check is
     * visible here; confirm the three fields are bounded where they are set,
     * since a wrapped value would understate the space this section needs. */
    capacity = spdm_context->local_context.capability.max_spdm_msg_size;
    capacity += spdm_context->local_context.capability.transport_header_size;
    capacity += spdm_context->local_context.capability.transport_tail_size;

    return capacity;
}
22 :
/* second section: large message */
/**
 * Offset of the large-message section inside the scratch buffer.
 *
 * @param spdm_context  SPDM context passed on to the capacity getter.
 *
 * @return Capacity of the secure-message section, i.e. the section that precedes this one.
 **/
uint32_t libspdm_get_scratch_buffer_large_message_offset(libspdm_context_t *spdm_context)
{
    /* Only the first (secure message) section lies before this one. */
    const uint32_t preceding =
        libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);

    return preceding;
}
27 :
/**
 * Capacity of the large-message section of the scratch buffer.
 *
 * @param spdm_context  SPDM context whose local capability is read.
 *
 * @return Local max_spdm_msg_size (no transport header or tail is added for this section).
 **/
uint32_t libspdm_get_scratch_buffer_large_message_capacity(libspdm_context_t *spdm_context)
{
    const uint32_t capacity = spdm_context->local_context.capability.max_spdm_msg_size;

    return capacity;
}
31 : #endif
32 :
/* third section: sender/receiver */
/**
 * Offset of the sender/receiver section inside the scratch buffer.
 *
 * @param spdm_context  SPDM context passed on to the capacity getters.
 *
 * @return Sum of the capacities of the sections placed before this one:
 *         the secure-message and large-message sections when
 *         LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP is set, otherwise 0.
 **/
uint32_t libspdm_get_scratch_buffer_sender_receiver_offset(libspdm_context_t *spdm_context)
{
    uint32_t offset = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    /* The two chunking sections exist only in chunk-capable builds. */
    offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif

    return offset;
}
42 :
/**
 * Capacity of the sender/receiver section of the scratch buffer.
 *
 * @param spdm_context  SPDM context whose local capability fields are read.
 *
 * @return Local max_spdm_msg_size + transport_header_size + transport_tail_size.
 **/
uint32_t libspdm_get_scratch_buffer_sender_receiver_capacity(libspdm_context_t *spdm_context)
{
    uint32_t capacity;

    /* Message body plus room for the transport framing on both sides.
     * NOTE(review): no overflow check on this uint32_t sum is visible here;
     * confirm the fields are bounded where they are set. */
    capacity = spdm_context->local_context.capability.max_spdm_msg_size;
    capacity += spdm_context->local_context.capability.transport_header_size;
    capacity += spdm_context->local_context.capability.transport_tail_size;

    return capacity;
}
48 :
49 : #if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
/* fourth section: large sender/receiver */
/**
 * Offset of the large sender/receiver section inside the scratch buffer.
 *
 * @param spdm_context  SPDM context passed on to the capacity getters.
 *
 * @return Sum of the secure-message, large-message and sender/receiver
 *         section capacities, i.e. the three sections placed before this one.
 **/
uint32_t libspdm_get_scratch_buffer_large_sender_receiver_offset(libspdm_context_t *spdm_context)
{
    uint32_t offset = 0;

    offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);

    return offset;
}
56 :
/**
 * Capacity of the large sender/receiver section of the scratch buffer.
 *
 * @param spdm_context  SPDM context whose local capability fields are read.
 *
 * @return Local max_spdm_msg_size + transport_header_size + transport_tail_size.
 **/
uint32_t libspdm_get_scratch_buffer_large_sender_receiver_capacity(libspdm_context_t *spdm_context)
{
    uint32_t capacity;

    /* Same formula as the regular sender/receiver section.
     * NOTE(review): no overflow check on this uint32_t sum is visible here;
     * confirm the fields are bounded where they are set. */
    capacity = spdm_context->local_context.capability.max_spdm_msg_size;
    capacity += spdm_context->local_context.capability.transport_header_size;
    capacity += spdm_context->local_context.capability.transport_tail_size;

    return capacity;
}
63 : #endif
64 :
/* fifth section: last SPDM request */
/**
 * Offset of the last-SPDM-request section inside the scratch buffer.
 *
 * @param spdm_context  SPDM context passed on to the capacity getters.
 *
 * @return Sum of the capacities of every section placed before this one.
 *         The secure-message, large-message and large sender/receiver terms
 *         are included only when LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP is set.
 **/
uint32_t libspdm_get_scratch_buffer_last_spdm_request_offset(libspdm_context_t *spdm_context)
{
    uint32_t offset = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif
    offset += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    offset += libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#endif

    return offset;
}
78 :
/**
 * Capacity of the last-SPDM-request section of the scratch buffer.
 *
 * @param spdm_context  SPDM context whose local capability is read.
 *
 * @return Local max_spdm_msg_size (no transport header or tail is added for this section).
 **/
uint32_t libspdm_get_scratch_buffer_last_spdm_request_capacity(libspdm_context_t *spdm_context)
{
    const uint32_t capacity = spdm_context->local_context.capability.max_spdm_msg_size;

    return capacity;
}
82 :
83 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
/* sixth section: cached SPDM request */
/**
 * Offset of the cached-SPDM-request section inside the scratch buffer.
 *
 * @param spdm_context  SPDM context passed on to the capacity getters.
 *
 * @return Sum of the capacities of every section placed before this one,
 *         ending with the last-SPDM-request section. The secure-message,
 *         large-message and large sender/receiver terms are included only
 *         when LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP is set.
 **/
uint32_t libspdm_get_scratch_buffer_cache_spdm_request_offset(libspdm_context_t *spdm_context)
{
    uint32_t offset = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif
    offset += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    offset += libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#endif
    offset += libspdm_get_scratch_buffer_last_spdm_request_capacity(spdm_context);

    return offset;
}
98 :
/**
 * Capacity of the cached-SPDM-request section of the scratch buffer.
 *
 * @param spdm_context  SPDM context whose local capability is read.
 *
 * @return Local max_spdm_msg_size (no transport header or tail is added for this section).
 **/
uint32_t libspdm_get_scratch_buffer_cache_spdm_request_capacity(libspdm_context_t *spdm_context)
{
    const uint32_t capacity = spdm_context->local_context.capability.max_spdm_msg_size;

    return capacity;
}
102 : #endif
103 :
/* combination: total size of all sections */
/**
 * Total scratch buffer capacity: the sum of every section's capacity.
 *
 * Sections guarded by LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP and
 * LIBSPDM_RESPOND_IF_READY_SUPPORT contribute only when the corresponding
 * macro is set, mirroring the per-section offset getters.
 *
 * @param spdm_context  SPDM context passed on to the capacity getters.
 *
 * @return Sum of the enabled section capacities.
 **/
uint32_t libspdm_get_scratch_buffer_capacity(libspdm_context_t *spdm_context)
{
    uint32_t total = 0;

    /* NOTE(review): the total is accumulated in uint32_t with no overflow check
     * visible here. If it wrapped, the reported size would be smaller than the
     * section offsets assume; confirm max_spdm_msg_size and the transport
     * header/tail sizes are bounded where they are set. */
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    total += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    total += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif
    total += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    total += libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#endif
    total += libspdm_get_scratch_buffer_last_spdm_request_capacity(spdm_context);
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    total += libspdm_get_scratch_buffer_cache_spdm_request_capacity(spdm_context);
#endif

    return total;
}
121 :
/**
 * Reports whether an SPDM data_type is session-scoped, i.e. needs session info.
 *
 * libspdm_set_data uses the result to require LIBSPDM_DATA_LOCATION_SESSION
 * and a resolvable session ID before touching the data. Any type not listed
 * below falls through to the default and is treated as not session-scoped,
 * so a new per-session data type has to be added to this list.
 *
 * @param  data_type  SPDM data type.
 *
 * @retval true   session info is required.
 * @retval false  session info is not required.
 **/
static bool need_session_info_for_data(libspdm_data_type_t data_type)
{
    bool session_scoped;

    switch (data_type) {
    case LIBSPDM_DATA_SESSION_SECURED_MESSAGE_VERSION:
    case LIBSPDM_DATA_SESSION_USE_PSK:
    case LIBSPDM_DATA_SESSION_MUT_AUTH_REQUESTED:
    case LIBSPDM_DATA_SESSION_END_SESSION_ATTRIBUTES:
    case LIBSPDM_DATA_SESSION_POLICY:
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_RSP_DIR:
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_REQ_DIR:
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_ENDIAN:
        session_scoped = true;
        break;
    default:
        session_scoped = false;
        break;
    }

    return session_scoped;
}
146 :
147 19 : libspdm_return_t libspdm_set_data(void *spdm_context, libspdm_data_type_t data_type,
148 : const libspdm_data_parameter_t *parameter, const void *data,
149 : size_t data_size)
150 : {
151 : libspdm_context_t *context;
152 : uint32_t session_id;
153 : uint32_t data32;
154 : libspdm_session_info_t *session_info;
155 : uint8_t slot_id;
156 : uint8_t mut_auth_requested;
157 : uint8_t root_cert_index;
158 : uint16_t data16;
159 : #if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT) && LIBSPDM_CERT_PARSE_SUPPORT
160 : bool status;
161 : const uint8_t *cert_buffer;
162 : size_t cert_buffer_size;
163 : #endif
164 :
165 19 : if (spdm_context == NULL || data == NULL || data_type >= LIBSPDM_DATA_MAX) {
166 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
167 : }
168 :
169 19 : context = spdm_context;
170 :
171 19 : if (need_session_info_for_data(data_type)) {
172 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_SESSION) {
173 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
174 : }
175 0 : session_id = libspdm_read_uint32(parameter->additional_data);
176 0 : session_info = libspdm_get_session_info_via_session_id(context, session_id);
177 0 : if (session_info == NULL) {
178 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
179 : }
180 : } else {
181 19 : session_info = NULL;
182 : }
183 :
184 19 : switch (data_type) {
185 0 : case LIBSPDM_DATA_SPDM_VERSION:
186 0 : LIBSPDM_ASSERT (data_size <= sizeof(spdm_version_number_t) * SPDM_MAX_VERSION_COUNT);
187 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
188 : /* Only have one connected version */
189 0 : LIBSPDM_ASSERT (data_size == sizeof(spdm_version_number_t));
190 0 : libspdm_copy_mem(&(context->connection_info.version),
191 : sizeof(context->connection_info.version),
192 : data,
193 : sizeof(spdm_version_number_t));
194 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
195 0 : context->local_context.version.spdm_version_count =
196 0 : (uint8_t)(data_size / sizeof(spdm_version_number_t));
197 0 : libspdm_copy_mem(context->local_context.version.spdm_version,
198 : sizeof(context->local_context.version.spdm_version),
199 : data,
200 0 : context->local_context.version.spdm_version_count *
201 : sizeof(spdm_version_number_t));
202 : } else {
203 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
204 : }
205 0 : break;
206 0 : case LIBSPDM_DATA_SECURED_MESSAGE_VERSION:
207 0 : LIBSPDM_ASSERT (data_size <=
208 : sizeof(spdm_version_number_t) * SECURED_SPDM_MAX_VERSION_COUNT);
209 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
210 0 : context->local_context.secured_message_version.secured_message_version_count =
211 0 : (uint8_t)(data_size / sizeof(spdm_version_number_t));
212 0 : libspdm_copy_mem(context->local_context.secured_message_version.secured_message_version,
213 : sizeof(context->local_context.secured_message_version.secured_message_version),
214 : data,
215 0 : context->local_context.secured_message_version.
216 : secured_message_version_count * sizeof(spdm_version_number_t));
217 : } else {
218 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
219 : }
220 0 : break;
221 0 : case LIBSPDM_DATA_CAPABILITY_FLAGS:
222 0 : if (data_size != sizeof(uint32_t)) {
223 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
224 : }
225 :
226 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
227 :
228 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
229 : #if !(LIBSPDM_ENABLE_CAPABILITY_CERT_CAP)
230 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP) == 0);
231 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_CERT_CAP */
232 :
233 : #if !(LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP)
234 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP) == 0);
235 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP */
236 :
237 : #if !(LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP)
238 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP) == 0);
239 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
240 :
241 : #if !(LIBSPDM_ENABLE_CAPABILITY_MEL_CAP)
242 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEL_CAP) == 0);
243 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_MEL_CAP */
244 :
245 : #if !(LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP)
246 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP) == 0);
247 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP */
248 :
249 : #if !(LIBSPDM_ENABLE_CAPABILITY_PSK_CAP)
250 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP) == 0);
251 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */
252 :
253 : #if !(LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP)
254 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EP_INFO_CAP) == 0);
255 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP */
256 :
257 0 : context->local_context.capability.flags = data32;
258 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
259 0 : context->connection_info.capability.flags = data32;
260 : } else {
261 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
262 : }
263 0 : break;
264 0 : case LIBSPDM_DATA_CAPABILITY_EXT_FLAGS:
265 0 : if (data_size != sizeof(uint16_t)) {
266 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
267 : }
268 :
269 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
270 :
271 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
272 0 : context->local_context.capability.flags = data16;
273 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
274 0 : context->connection_info.capability.flags = data16;
275 : } else {
276 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
277 : }
278 0 : break;
279 0 : case LIBSPDM_DATA_CAPABILITY_CT_EXPONENT:
280 0 : if (data_size != sizeof(uint8_t)) {
281 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
282 : }
283 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
284 0 : context->connection_info.capability.ct_exponent = *(const uint8_t *)data;
285 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
286 0 : context->local_context.capability.ct_exponent = *(const uint8_t *)data;
287 : } else {
288 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
289 : }
290 0 : break;
291 0 : case LIBSPDM_DATA_CAPABILITY_RTT_US:
292 0 : if (data_size != sizeof(uint64_t)) {
293 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
294 : }
295 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
296 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
297 : }
298 0 : context->local_context.capability.rtt = libspdm_read_uint64((const uint8_t *)data);
299 0 : break;
300 0 : case LIBSPDM_DATA_CAPABILITY_MAX_SPDM_MSG_SIZE:
301 0 : if (data_size != sizeof(uint32_t)) {
302 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
303 : }
304 : /* The local max_spdm_msg_size is set by libspdm_register_transport_layer_func.
305 : * Only the connection's max_spdm_msg_size is settable here. */
306 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
307 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
308 : }
309 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
310 0 : LIBSPDM_ASSERT (data32 >= SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12);
311 0 : context->connection_info.capability.max_spdm_msg_size = data32;
312 0 : break;
313 0 : case LIBSPDM_DATA_MEASUREMENT_SPEC:
314 0 : if (data_size != sizeof(uint8_t)) {
315 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
316 : }
317 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
318 0 : context->connection_info.algorithm.measurement_spec = *(const uint8_t *)data;
319 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
320 0 : context->local_context.algorithm.measurement_spec = *(const uint8_t *)data;
321 : } else {
322 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
323 : }
324 0 : break;
325 0 : case LIBSPDM_DATA_MEASUREMENT_HASH_ALGO:
326 0 : if (data_size != sizeof(uint32_t)) {
327 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
328 : }
329 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
330 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
331 0 : context->connection_info.algorithm.measurement_hash_algo = data32;
332 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
333 0 : context->local_context.algorithm.measurement_hash_algo = data32;
334 : } else {
335 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
336 : }
337 0 : break;
338 0 : case LIBSPDM_DATA_BASE_ASYM_ALGO:
339 0 : if (data_size != sizeof(uint32_t)) {
340 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
341 : }
342 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
343 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
344 0 : context->connection_info.algorithm.base_asym_algo = data32;
345 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
346 0 : context->local_context.algorithm.base_asym_algo = data32;
347 : } else {
348 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
349 : }
350 0 : break;
351 0 : case LIBSPDM_DATA_BASE_HASH_ALGO:
352 0 : if (data_size != sizeof(uint32_t)) {
353 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
354 : }
355 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
356 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
357 0 : context->connection_info.algorithm.base_hash_algo = data32;
358 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
359 0 : context->local_context.algorithm.base_hash_algo = data32;
360 : } else {
361 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
362 : }
363 0 : break;
364 0 : case LIBSPDM_DATA_DHE_NAME_GROUP:
365 0 : if (data_size != sizeof(uint16_t)) {
366 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
367 : }
368 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
369 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
370 0 : context->connection_info.algorithm.dhe_named_group = data16;
371 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
372 0 : context->local_context.algorithm.dhe_named_group = data16;
373 : } else {
374 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
375 : }
376 0 : break;
377 0 : case LIBSPDM_DATA_AEAD_CIPHER_SUITE:
378 0 : if (data_size != sizeof(uint16_t)) {
379 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
380 : }
381 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
382 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
383 0 : context->connection_info.algorithm.aead_cipher_suite = data16;
384 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
385 0 : context->local_context.algorithm.aead_cipher_suite = data16;
386 : } else {
387 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
388 : }
389 0 : break;
390 0 : case LIBSPDM_DATA_REQ_BASE_ASYM_ALG:
391 0 : if (data_size != sizeof(uint16_t)) {
392 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
393 : }
394 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
395 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
396 0 : context->connection_info.algorithm.req_base_asym_alg = data16;
397 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
398 0 : context->local_context.algorithm.req_base_asym_alg = data16;
399 : } else {
400 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
401 : }
402 0 : break;
403 0 : case LIBSPDM_DATA_KEY_SCHEDULE:
404 0 : if (data_size != sizeof(uint16_t)) {
405 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
406 : }
407 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
408 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
409 0 : context->connection_info.algorithm.key_schedule = data16;
410 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
411 0 : context->local_context.algorithm.key_schedule = data16;
412 : } else {
413 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
414 : }
415 0 : break;
416 0 : case LIBSPDM_DATA_OTHER_PARAMS_SUPPORT:
417 0 : if (data_size != sizeof(uint8_t)) {
418 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
419 : }
420 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
421 0 : context->connection_info.algorithm.other_params_support = *(const uint8_t *)data;
422 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
423 0 : context->local_context.algorithm.other_params_support = *(const uint8_t *)data;
424 : } else {
425 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
426 : }
427 0 : break;
428 0 : case LIBSPDM_DATA_MEL_SPEC:
429 0 : if (data_size != sizeof(uint8_t)) {
430 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
431 : }
432 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
433 0 : context->connection_info.algorithm.mel_spec = *(const uint8_t *)data;
434 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
435 0 : context->local_context.algorithm.mel_spec = *(const uint8_t *)data;
436 : } else {
437 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
438 : }
439 0 : break;
440 0 : case LIBSPDM_DATA_PQC_ASYM_ALGO:
441 0 : if (data_size != sizeof(uint32_t)) {
442 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
443 : }
444 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
445 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
446 0 : context->connection_info.algorithm.pqc_asym_algo = data32;
447 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
448 0 : context->local_context.algorithm.pqc_asym_algo = data32;
449 : } else {
450 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
451 : }
452 0 : break;
453 0 : case LIBSPDM_DATA_REQ_PQC_ASYM_ALG:
454 0 : if (data_size != sizeof(uint32_t)) {
455 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
456 : }
457 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
458 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
459 0 : context->connection_info.algorithm.req_pqc_asym_alg = data32;
460 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
461 0 : context->local_context.algorithm.req_pqc_asym_alg = data32;
462 : } else {
463 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
464 : }
465 0 : break;
466 0 : case LIBSPDM_DATA_KEM_ALG:
467 0 : if (data_size != sizeof(uint32_t)) {
468 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
469 : }
470 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
471 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
472 0 : context->connection_info.algorithm.kem_alg = data32;
473 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
474 0 : context->local_context.algorithm.kem_alg = data32;
475 : } else {
476 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
477 : }
478 0 : break;
479 0 : case LIBSPDM_DATA_ALGO_PRIORITY_PQC_FIRST:
480 0 : if (data_size != sizeof(bool)) {
481 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
482 : }
483 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
484 0 : context->local_context.algorithm.pqc_first = *(const bool *)data;
485 : } else {
486 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
487 : }
488 0 : break;
489 0 : case LIBSPDM_DATA_CONNECTION_STATE:
490 0 : if (data_size != sizeof(libspdm_connection_state_t)) {
491 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
492 : }
493 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
494 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
495 : }
496 0 : context->connection_info.connection_state = libspdm_read_uint32((const uint8_t *)data);
497 0 : break;
498 0 : case LIBSPDM_DATA_RESPONSE_STATE:
499 0 : if (data_size != sizeof(libspdm_response_state_t)) {
500 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
501 : }
502 0 : context->response_state = libspdm_read_uint32((const uint8_t *)data);
503 0 : break;
504 2 : case LIBSPDM_DATA_PEER_PUBLIC_ROOT_CERT:
505 2 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
506 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
507 : }
508 2 : root_cert_index = 0;
509 11 : while (context->local_context.peer_root_cert_provision[root_cert_index] != NULL) {
510 10 : root_cert_index++;
511 10 : if (root_cert_index >= LIBSPDM_MAX_ROOT_CERT_SUPPORT) {
512 1 : return LIBSPDM_STATUS_BUFFER_FULL;
513 : }
514 : }
515 1 : context->local_context.peer_root_cert_provision_size[root_cert_index] = data_size;
516 1 : context->local_context.peer_root_cert_provision[root_cert_index] = data;
517 1 : break;
518 0 : case LIBSPDM_DATA_LOCAL_PUBLIC_CERT_CHAIN:
519 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
520 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
521 : }
522 0 : slot_id = parameter->additional_data[0];
523 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
524 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
525 : }
526 0 : context->local_context.local_cert_chain_provision_size[slot_id] = data_size;
527 0 : context->local_context.local_cert_chain_provision[slot_id] = data;
528 0 : break;
529 0 : case LIBSPDM_DATA_LOCAL_SUPPORTED_SLOT_MASK:
530 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
531 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
532 : }
533 0 : if (data_size != sizeof(uint8_t)) {
534 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
535 : }
536 0 : context->local_context.local_supported_slot_mask = *(const uint8_t *)data;
537 0 : break;
538 0 : case LIBSPDM_DATA_LOCAL_KEY_PAIR_ID:
539 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
540 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
541 : }
542 0 : slot_id = parameter->additional_data[0];
543 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
544 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
545 : }
546 0 : if (data_size != sizeof(spdm_key_pair_id_t)) {
547 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
548 : }
549 0 : context->local_context.local_key_pair_id[slot_id] = *(const spdm_key_pair_id_t *)data;
550 0 : break;
551 0 : case LIBSPDM_DATA_LOCAL_CERT_INFO:
552 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
553 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
554 : }
555 0 : slot_id = parameter->additional_data[0];
556 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
557 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
558 : }
559 0 : if (data_size != sizeof(spdm_certificate_info_t)) {
560 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
561 : }
562 0 : context->local_context.local_cert_info[slot_id] = *(const spdm_certificate_info_t *)data;
563 0 : break;
564 0 : case LIBSPDM_DATA_LOCAL_KEY_USAGE_BIT_MASK:
565 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
566 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
567 : }
568 0 : slot_id = parameter->additional_data[0];
569 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
570 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
571 : }
572 0 : if (data_size != sizeof(spdm_key_usage_bit_mask_t)) {
573 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
574 : }
575 0 : context->local_context.local_key_usage_bit_mask[slot_id] =
576 0 : libspdm_read_uint16((const uint8_t *)data);
577 0 : break;
578 3 : case LIBSPDM_DATA_PEER_USED_CERT_CHAIN_BUFFER:
579 3 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
580 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
581 : }
582 3 : slot_id = parameter->additional_data[0];
583 3 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
584 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
585 : }
586 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
587 : if (data_size > LIBSPDM_MAX_CERT_CHAIN_SIZE) {
588 : return LIBSPDM_STATUS_BUFFER_TOO_SMALL;
589 : }
590 : context->connection_info.peer_used_cert_chain[slot_id].buffer_size = data_size;
591 : libspdm_copy_mem(context->connection_info.peer_used_cert_chain[slot_id].buffer,
592 : sizeof(context->connection_info.peer_used_cert_chain[slot_id].buffer),
593 : data, data_size);
594 : #else
595 : #if LIBSPDM_CERT_PARSE_SUPPORT
596 3 : status = libspdm_hash_all(
597 : context->connection_info.algorithm.base_hash_algo,
598 : data, data_size,
599 3 : context->connection_info.peer_used_cert_chain[slot_id].buffer_hash);
600 3 : if (!status) {
601 0 : return LIBSPDM_STATUS_CRYPTO_ERROR;
602 : }
603 :
604 6 : context->connection_info.peer_used_cert_chain[slot_id].buffer_hash_size =
605 3 : libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
606 :
607 : /*process the SPDM cert header and hash*/
608 3 : data = (const uint8_t *)data + sizeof(spdm_cert_chain_t) +
609 3 : libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
610 3 : data_size = data_size -
611 : (sizeof(spdm_cert_chain_t) +
612 3 : libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo));
613 :
614 : /* Get leaf cert from cert chain */
615 3 : status = libspdm_x509_get_cert_from_cert_chain(data, data_size, -1,
616 : &cert_buffer, &cert_buffer_size);
617 3 : if (!status) {
618 0 : return LIBSPDM_STATUS_CRYPTO_ERROR;
619 : }
620 :
621 3 : status = false;
622 : #if (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT)
623 3 : if (!status) {
624 3 : status = libspdm_rsa_get_public_key_from_x509(
625 : cert_buffer, cert_buffer_size,
626 3 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
627 : }
628 : #endif
629 : #if LIBSPDM_ECDSA_SUPPORT
630 3 : if (!status) {
631 3 : status = libspdm_ec_get_public_key_from_x509(
632 : cert_buffer, cert_buffer_size,
633 3 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
634 : }
635 : #endif
636 : #if (LIBSPDM_EDDSA_ED25519_SUPPORT) || (LIBSPDM_EDDSA_ED448_SUPPORT)
637 : if (!status) {
638 : status = libspdm_ecd_get_public_key_from_x509(
639 : cert_buffer, cert_buffer_size,
640 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
641 : }
642 : #endif
643 : #if LIBSPDM_SM2_DSA_SUPPORT
644 : if (!status) {
645 : status = libspdm_sm2_get_public_key_from_x509(
646 : cert_buffer, cert_buffer_size,
647 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
648 : }
649 : #endif
650 3 : if (!status) {
651 0 : return LIBSPDM_STATUS_INVALID_CERT;
652 : }
653 : #else
654 : LIBSPDM_ASSERT (false);
655 : #endif /* LIBSPDM_CERT_PARSE_SUPPORT */
656 : #endif /* LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT */
657 3 : break;
658 0 : case LIBSPDM_DATA_PEER_PUBLIC_KEY:
659 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
660 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
661 : }
662 0 : context->local_context.peer_public_key_provision_size = data_size;
663 0 : context->local_context.peer_public_key_provision = data;
664 0 : break;
665 0 : case LIBSPDM_DATA_LOCAL_PUBLIC_KEY:
666 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
667 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
668 : }
669 0 : context->local_context.local_public_key_provision_size = data_size;
670 0 : context->local_context.local_public_key_provision = data;
671 0 : break;
672 0 : case LIBSPDM_DATA_MUT_AUTH_REQUESTED:
673 0 : if (data_size != sizeof(uint8_t)) {
674 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
675 : }
676 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
677 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
678 : }
679 0 : mut_auth_requested = *(const uint8_t *)data;
680 0 : if (((mut_auth_requested != 0) &&
681 : (mut_auth_requested !=
682 0 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED) &&
683 : (mut_auth_requested !=
684 0 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST) &&
685 : (mut_auth_requested !=
686 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS))) {
687 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
688 : }
689 0 : context->encap_context.request_id = 0;
690 0 : slot_id = parameter->additional_data[0];
691 0 : if ((slot_id >= SPDM_MAX_SLOT_COUNT) && (slot_id != 0xFF)) {
692 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
693 : }
694 0 : context->encap_context.req_slot_id = slot_id;
695 0 : break;
696 0 : case LIBSPDM_DATA_HEARTBEAT_PERIOD:
697 0 : if (data_size != sizeof(uint8_t)) {
698 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
699 : }
700 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
701 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
702 : }
703 0 : context->local_context.heartbeat_period = *(const uint8_t *)data;
704 0 : break;
705 4 : case LIBSPDM_DATA_APP_CONTEXT_DATA:
706 4 : if (data_size != sizeof(void *) || *(void *const *)data == NULL) {
707 2 : return LIBSPDM_STATUS_INVALID_PARAMETER;
708 : }
709 2 : context->app_context_data_ptr = *(void *const *)data;
710 2 : break;
711 0 : case LIBSPDM_DATA_HANDLE_ERROR_RETURN_POLICY:
712 0 : if (data_size != sizeof(uint8_t)) {
713 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
714 : }
715 0 : context->handle_error_return_policy = *(const uint8_t *)data;
716 0 : break;
717 0 : case LIBSPDM_DATA_VCA_CACHE:
718 0 : if (data_size > sizeof(context->transcript.message_a.buffer)) {
719 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
720 : }
721 0 : context->transcript.message_a.buffer_size = data_size;
722 0 : libspdm_copy_mem(context->transcript.message_a.buffer,
723 : sizeof(context->transcript.message_a.buffer),
724 : data, data_size);
725 0 : break;
726 0 : case LIBSPDM_DATA_IS_REQUESTER:
727 0 : if (data_size != sizeof(bool)) {
728 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
729 : }
730 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
731 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
732 : }
733 0 : context->local_context.is_requester = *(const bool *)data;
734 0 : break;
735 0 : case LIBSPDM_DATA_REQUEST_RETRY_TIMES:
736 0 : if (data_size != sizeof(uint8_t)) {
737 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
738 : }
739 0 : context->retry_times = *(const uint8_t *)data;
740 0 : break;
741 0 : case LIBSPDM_DATA_REQUEST_RETRY_DELAY_TIME:
742 0 : if (data_size != sizeof(uint64_t)) {
743 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
744 : }
745 0 : context->retry_delay_time = *(const uint64_t *)data;
746 0 : break;
747 5 : case LIBSPDM_DATA_MAX_DHE_SESSION_COUNT:
748 5 : if (data_size != sizeof(uint32_t)) {
749 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
750 : }
751 5 : if (*(const uint32_t *)data > LIBSPDM_MAX_SESSION_COUNT - context->max_psk_session_count) {
752 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
753 : }
754 5 : context->max_dhe_session_count = *(const uint32_t *)data;
755 5 : break;
756 5 : case LIBSPDM_DATA_MAX_PSK_SESSION_COUNT:
757 5 : if (data_size != sizeof(uint32_t)) {
758 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
759 : }
760 5 : if (*(const uint32_t *)data > LIBSPDM_MAX_SESSION_COUNT - context->max_dhe_session_count) {
761 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
762 : }
763 5 : context->max_psk_session_count = *(const uint32_t *)data;
764 5 : break;
765 0 : case LIBSPDM_DATA_MAX_SPDM_SESSION_SEQUENCE_NUMBER:
766 0 : if (data_size != sizeof(uint64_t)) {
767 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
768 : }
769 0 : context->max_spdm_session_sequence_number = *(const uint64_t *)data;
770 0 : if (context->max_spdm_session_sequence_number == 0) {
771 0 : context->max_spdm_session_sequence_number = LIBSPDM_MAX_SPDM_SESSION_SEQUENCE_NUMBER;
772 : }
773 0 : break;
774 0 : case LIBSPDM_DATA_SPDM_VERSION_10_11_VERIFY_SIGNATURE_ENDIAN:
775 0 : if (data_size != sizeof(uint8_t)) {
776 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
777 : }
778 0 : if (*(const uint8_t*)data != LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY &&
779 0 : *(const uint8_t*)data != LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY &&
780 0 : *(const uint8_t*)data != LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE) {
781 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
782 : }
783 0 : context->spdm_10_11_verify_signature_endian = *(const uint8_t*)data;
784 0 : break;
785 0 : case LIBSPDM_DATA_SEQUENCE_NUMBER_ENDIAN:
786 0 : if (data_size != sizeof(uint8_t)) {
787 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
788 : }
789 0 : context->sequence_number_endian = *(const uint8_t *)data;
790 0 : break;
791 0 : case LIBSPDM_DATA_MULTI_KEY_CONN_REQ:
792 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
793 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
794 : }
795 0 : if (data_size != sizeof(bool)) {
796 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
797 : }
798 0 : context->connection_info.multi_key_conn_req = *(const bool *)data;
799 0 : break;
800 0 : case LIBSPDM_DATA_MULTI_KEY_CONN_RSP:
801 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
802 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
803 : }
804 0 : if (data_size != sizeof(bool)) {
805 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
806 : }
807 0 : context->connection_info.multi_key_conn_rsp = *(const bool *)data;
808 0 : break;
809 0 : default:
810 0 : return LIBSPDM_STATUS_UNSUPPORTED_CAP;
811 : break;
812 : }
813 :
814 16 : return LIBSPDM_STATUS_SUCCESS;
815 : }
816 :
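/**
 * Tell whether the caller supplied a parameter block that names the given location.
 *
 * A NULL parameter never matches, so callers of this helper can reject a missing
 * parameter block and a wrong location with a single test.
 *
 * @param parameter The caller-supplied parameter block, may be NULL.
 * @param location  The location the requested data type is served from.
 *
 * @return true when parameter is non-NULL and parameter->location equals location.
 **/
static bool libspdm_get_data_location_is(const libspdm_data_parameter_t *parameter,
                                         libspdm_data_location_t location)
{
    return (parameter != NULL) && (parameter->location == location);
}

/**
 * Copy one item of SPDM context, connection or session state into a caller buffer.
 *
 * The function resolves data_type (and, where the type needs it, the location and
 * additional_data carried in parameter) to a field of the context, then copies that
 * field out with a bounds-checked copy.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 * @param data_type    The item to read. Must be below LIBSPDM_DATA_MAX.
 * @param parameter    Location selector plus additional data (a session ID or a slot
 *                     ID, depending on data_type). It may be NULL only for data types
 *                     that never consult it, such as LIBSPDM_DATA_APP_CONTEXT_DATA.
 * @param data         Destination buffer. Must not be NULL.
 * @param data_size    On input, the capacity of data in bytes. On output, the number
 *                     of bytes copied, or the required size when the buffer is too
 *                     small. Must not be NULL.
 *
 * @retval LIBSPDM_STATUS_SUCCESS           The item was copied into data.
 * @retval LIBSPDM_STATUS_INVALID_PARAMETER A required pointer is NULL, data_type is out
 *                                          of range, the location does not apply to
 *                                          data_type, the session ID matches no session,
 *                                          or the slot ID is out of range.
 * @retval LIBSPDM_STATUS_UNSUPPORTED_CAP   data_type is not readable through this call.
 * @retval LIBSPDM_STATUS_BUFFER_TOO_SMALL  *data_size was smaller than the item;
 *                                          *data_size now holds the required size.
 **/
libspdm_return_t libspdm_get_data(void *spdm_context, libspdm_data_type_t data_type,
                                  const libspdm_data_parameter_t *parameter,
                                  void *data, size_t *data_size)
{
    libspdm_context_t *context;
    libspdm_secured_message_context_t *secured_context = NULL;
    size_t target_data_size;
    void *target_data;
    uint32_t session_id;
    libspdm_session_info_t *session_info;
    uint8_t slot_id;

    if (spdm_context == NULL || data == NULL || data_size == NULL ||
        data_type >= LIBSPDM_DATA_MAX) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }

    context = spdm_context;

    if (data_type == LIBSPDM_DATA_SESSION_END_SESSION_ATTRIBUTES) {
        /* end_session_attributes is present in both a session context as well as an
         * spdm context. The session lookup may legitimately return NULL here; the
         * switch below then falls back to the connection-level copy. */
        if (parameter == NULL) {
            /* The session ID is read out of the parameter block, so it is mandatory. */
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        session_id = libspdm_read_uint32(parameter->additional_data);
        session_info = libspdm_get_session_info_via_session_id(context, session_id);
    } else if (need_session_info_for_data(data_type)) {
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_SESSION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        session_id = libspdm_read_uint32(parameter->additional_data);
        session_info = libspdm_get_session_info_via_session_id(context, session_id);
        if (session_info == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        secured_context = session_info->secured_message_context;
    } else {
        session_info = NULL;
    }

    /* NOTE(review): every case below that dereferences session_info or secured_context
     * without a NULL test relies on need_session_info_for_data() returning true for
     * that data type. That helper is defined outside this function; keep the two lists
     * in sync when a session-scoped data type is added. */
    switch (data_type) {
    case LIBSPDM_DATA_SPDM_VERSION:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_version_number_t);
        target_data = &(context->connection_info.version);
        break;
    case LIBSPDM_DATA_SESSION_SECURED_MESSAGE_VERSION:
        target_data_size = sizeof(spdm_version_number_t);
        target_data = &(secured_context->secured_message_version);
        break;
    case LIBSPDM_DATA_CAPABILITY_FLAGS:
        target_data_size = sizeof(uint32_t);
        if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            target_data = &context->connection_info.capability.flags;
        } else if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_LOCAL)) {
            target_data = &context->local_context.capability.flags;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_EXT_FLAGS:
        target_data_size = sizeof(uint16_t);
        if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            target_data = &context->connection_info.capability.ext_flags;
        } else if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_LOCAL)) {
            target_data = &context->local_context.capability.ext_flags;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_CT_EXPONENT:
        target_data_size = sizeof(uint8_t);
        if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            target_data = &context->connection_info.capability.ct_exponent;
        } else if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_LOCAL)) {
            target_data = &context->local_context.capability.ct_exponent;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_DATA_TRANSFER_SIZE:
        target_data_size = sizeof(uint32_t);
        if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            target_data = &context->connection_info.capability.data_transfer_size;
        } else if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_LOCAL)) {
            target_data = &context->local_context.capability.data_transfer_size;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_MAX_SPDM_MSG_SIZE:
        target_data_size = sizeof(uint32_t);
        if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            target_data = &context->connection_info.capability.max_spdm_msg_size;
        } else if (libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_LOCAL)) {
            target_data = &context->local_context.capability.max_spdm_msg_size;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_SENDER_DATA_TRANSFER_SIZE:
        /* Only the local value is served; a connection-scoped read is rejected. */
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_LOCAL)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->local_context.capability.sender_data_transfer_size;
        break;
    case LIBSPDM_DATA_MEASUREMENT_SPEC:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.algorithm.measurement_spec;
        break;
    case LIBSPDM_DATA_MEASUREMENT_HASH_ALGO:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.measurement_hash_algo;
        break;
    case LIBSPDM_DATA_BASE_ASYM_ALGO:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.base_asym_algo;
        break;
    case LIBSPDM_DATA_BASE_HASH_ALGO:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.base_hash_algo;
        break;
    case LIBSPDM_DATA_DHE_NAME_GROUP:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.dhe_named_group;
        break;
    case LIBSPDM_DATA_AEAD_CIPHER_SUITE:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.aead_cipher_suite;
        break;
    case LIBSPDM_DATA_REQ_BASE_ASYM_ALG:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.req_base_asym_alg;
        break;
    case LIBSPDM_DATA_KEY_SCHEDULE:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.key_schedule;
        break;
    case LIBSPDM_DATA_OTHER_PARAMS_SUPPORT:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.algorithm.other_params_support;
        break;
    case LIBSPDM_DATA_MEL_SPEC:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.algorithm.mel_spec;
        break;
    case LIBSPDM_DATA_PQC_ASYM_ALGO:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.pqc_asym_algo;
        break;
    case LIBSPDM_DATA_REQ_PQC_ASYM_ALG:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.req_pqc_asym_alg;
        break;
    case LIBSPDM_DATA_KEM_ALG:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.kem_alg;
        break;
    case LIBSPDM_DATA_CONNECTION_STATE:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(libspdm_connection_state_t);
        target_data = &context->connection_info.connection_state;
        break;
    case LIBSPDM_DATA_RESPONSE_STATE:
        target_data_size = sizeof(libspdm_response_state_t);
        target_data = &context->response_state;
        break;
    case LIBSPDM_DATA_PEER_PROVISIONED_SLOT_MASK:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.peer_provisioned_slot_mask;
        break;
    case LIBSPDM_DATA_PEER_SUPPORTED_SLOT_MASK:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.peer_supported_slot_mask;
        break;
    case LIBSPDM_DATA_PEER_KEY_PAIR_ID:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        /* The slot ID indexes a fixed-size array, so it is range-checked first. */
        slot_id = parameter->additional_data[0];
        if (slot_id >= SPDM_MAX_SLOT_COUNT) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_key_pair_id_t);
        target_data = &context->connection_info.peer_key_pair_id[slot_id];
        break;
    case LIBSPDM_DATA_PEER_CERT_INFO:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        slot_id = parameter->additional_data[0];
        if (slot_id >= SPDM_MAX_SLOT_COUNT) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_certificate_info_t);
        target_data = &context->connection_info.peer_cert_info[slot_id];
        break;
    case LIBSPDM_DATA_PEER_KEY_USAGE_BIT_MASK:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        slot_id = parameter->additional_data[0];
        if (slot_id >= SPDM_MAX_SLOT_COUNT) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_key_usage_bit_mask_t);
        target_data = &context->connection_info.peer_key_usage_bit_mask[slot_id];
        break;
    case LIBSPDM_DATA_SESSION_USE_PSK:
        target_data_size = sizeof(bool);
        target_data = &session_info->use_psk;
        break;
    case LIBSPDM_DATA_SESSION_MUT_AUTH_REQUESTED:
        target_data_size = sizeof(uint8_t);
        target_data = &session_info->mut_auth_requested;
        break;
    case LIBSPDM_DATA_SESSION_END_SESSION_ATTRIBUTES:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        if (session_info == NULL) {
            target_data = &context->connection_info.end_session_attributes;
        } else {
            target_data = &session_info->end_session_attributes;
        }
        break;
    case LIBSPDM_DATA_SESSION_POLICY:
        target_data_size = sizeof(uint8_t);
        target_data = &session_info->session_policy;
        break;
    case LIBSPDM_DATA_APP_CONTEXT_DATA:
        target_data_size = sizeof(void *);
        target_data = &context->app_context_data_ptr;
        break;
    case LIBSPDM_DATA_HANDLE_ERROR_RETURN_POLICY:
        target_data_size = sizeof(uint8_t);
        target_data = &context->handle_error_return_policy;
        break;
    case LIBSPDM_DATA_MAX_DHE_SESSION_COUNT:
        target_data_size = sizeof(uint32_t);
        target_data = &context->max_dhe_session_count;
        break;
    case LIBSPDM_DATA_MAX_PSK_SESSION_COUNT:
        target_data_size = sizeof(uint32_t);
        target_data = &context->max_psk_session_count;
        break;
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_REQ_DIR:
        target_data_size = sizeof(uint64_t);
        target_data = &secured_context->application_secret.request_data_sequence_number;
        break;
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_RSP_DIR:
        target_data_size = sizeof(uint64_t);
        target_data = &secured_context->application_secret.response_data_sequence_number;
        break;
    case LIBSPDM_DATA_MAX_SPDM_SESSION_SEQUENCE_NUMBER:
        target_data_size = sizeof(uint64_t);
        target_data = &context->max_spdm_session_sequence_number;
        break;
    case LIBSPDM_DATA_VCA_CACHE:
        /* Variable-length item: the size is whatever is currently cached. */
        target_data_size = context->transcript.message_a.buffer_size;
        target_data = context->transcript.message_a.buffer;
        break;
    case LIBSPDM_DATA_REQUEST_AND_SIZE:
        target_data_size = context->last_spdm_request_size;
        target_data = context->last_spdm_request;
        break;
    case LIBSPDM_DATA_SPDM_VERSION_10_11_VERIFY_SIGNATURE_ENDIAN:
        target_data_size = sizeof(uint8_t);
        target_data = &context->spdm_10_11_verify_signature_endian;
        break;
    case LIBSPDM_DATA_SEQUENCE_NUMBER_ENDIAN:
        target_data_size = sizeof(uint8_t);
        target_data = &context->sequence_number_endian;
        break;
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_ENDIAN:
        target_data_size = sizeof(uint8_t);
        target_data = &secured_context->sequence_number_endian;
        break;
    case LIBSPDM_DATA_MULTI_KEY_CONN_REQ:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(bool);
        target_data = &context->connection_info.multi_key_conn_req;
        break;
    case LIBSPDM_DATA_MULTI_KEY_CONN_RSP:
        if (!libspdm_get_data_location_is(parameter, LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(bool);
        target_data = &context->connection_info.multi_key_conn_rsp;
        break;
    default:
        return LIBSPDM_STATUS_UNSUPPORTED_CAP;
    }

    /* Never write past the caller's buffer: report the required size instead. */
    if (*data_size < target_data_size) {
        *data_size = target_data_size;
        return LIBSPDM_STATUS_BUFFER_TOO_SMALL;
    }
    libspdm_copy_mem(data, *data_size, target_data, target_data_size);
    *data_size = target_data_size;

    return LIBSPDM_STATUS_SUCCESS;
}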
1175 :
1176 : #if LIBSPDM_CHECK_SPDM_CONTEXT
/**
 * Sanity-check the locally configured capability sizes of an SPDM context.
 *
 * The checks, in order:
 *  - data_transfer_size is at least SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12;
 *  - max_spdm_msg_size is at least data_transfer_size;
 *  - sender_data_transfer_size is at least SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12;
 *  - max_spdm_msg_size is at least sender_data_transfer_size;
 *  - when CHUNK_CAP is set and max_spdm_msg_size is non-zero, every provisioned local
 *    certificate chain plus a CERTIFICATE response header fits in max_spdm_msg_size.
 *
 * Each failed check is logged through LIBSPDM_DEBUG before returning.
 *
 * @param spdm_context A pointer to the SPDM context. It is dereferenced without a
 *                     NULL test, so the caller must pass a valid context.
 *
 * @retval true  All checks passed.
 * @retval false At least one size constraint is violated.
 **/
bool libspdm_check_context (void *spdm_context)
{
    libspdm_context_t *context = spdm_context;
    const uint32_t transfer_size = context->local_context.capability.data_transfer_size;
    const uint32_t sender_transfer_size =
        context->local_context.capability.sender_data_transfer_size;
    const uint32_t max_msg_size = context->local_context.capability.max_spdm_msg_size;
    size_t slot;

    if (transfer_size < SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "data_transfer_size must be greater than or equal "
                       "to SPDM_MIN_DATA_TRANSFER_SIZE (%d).\n",
                       SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12));
        return false;
    }

    if (max_msg_size < transfer_size) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "max_spdm_msg_size (%d) must be greater than or "
                       "equal to data_transfer_size (%d).\n",
                       max_msg_size, transfer_size));
        return false;
    }

    if (sender_transfer_size < SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "sender_data_transfer_size must be greater than or equal "
                       "to %d.\n", SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12));
        return false;
    }

    if (max_msg_size < sender_transfer_size) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "max_spdm_msg_size (%d) must be greater than or "
                       "equal to sender_data_transfer_size (%d).\n",
                       max_msg_size, sender_transfer_size));
        return false;
    }

    /* The certificate-chain fit check only applies when chunking is advertised and a
     * message size limit is actually configured. */
    if (((context->local_context.capability.flags &
          SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHUNK_CAP) == 0) ||
        (max_msg_size == 0)) {
        return true;
    }

    for (slot = 0; slot < SPDM_MAX_SLOT_COUNT; slot++) {
        const size_t chain_size = context->local_context.local_cert_chain_provision_size[slot];

        /* A size of zero marks a slot with no provisioned chain. */
        if (chain_size == 0) {
            continue;
        }
        if (chain_size + sizeof(spdm_certificate_response_t) > max_msg_size) {
            LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                           "max_spdm_msg_size (%d) must be greater than or "
                           "equal to local_cert_chain_provision_size[%zu] (%zu).\n",
                           max_msg_size, slot, chain_size));
            return false;
        }
    }

    return true;
}
1241 : #endif /* LIBSPDM_CHECK_SPDM_CONTEXT */
1242 :
/**
 * Reset the message A transcript cache held in the SPDM context.
 *
 * Message A is always kept as a managed buffer, independent of
 * LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_a(libspdm_context_t *spdm_context)
{
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_a));
}
1252 :
/**
 * Reset the message D transcript cache held in the SPDM context.
 *
 * Message D is always kept as a managed buffer, independent of
 * LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_d(libspdm_context_t *spdm_context)
{
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_d));
}
1262 :
/**
 * Reset the message B transcript state held in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded message B buffer is reset.
 * Otherwise the running M1/M2 hash context, if one exists, is released.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_b(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&spdm_context->transcript.message_b);
#else
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        /* No running M1/M2 hash, nothing to release. */
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    /* Clear the pointer so a later reset cannot free the context twice. */
    spdm_context->transcript.digest_context_m1m2 = NULL;
#endif
}
1280 :
/**
 * Reset the message C transcript state held in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded message C buffer is reset.
 * Otherwise the running M1/M2 hash context, if one exists, is released; this is the
 * same hash context that libspdm_reset_message_b() releases.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_c(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&spdm_context->transcript.message_c);
#else
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        /* No running M1/M2 hash, nothing to release. */
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    /* Clear the pointer so a later reset cannot free the context twice. */
    spdm_context->transcript.digest_context_m1m2 = NULL;
#endif
}
1298 :
/**
 * Reset the message MutB transcript state held in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded MutB buffer is reset.
 * Otherwise the running mutual-authentication M1/M2 hash context, if one exists, is
 * released.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_mut_b(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&spdm_context->transcript.message_mut_b);
#else
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        /* No running mutual-auth M1/M2 hash, nothing to release. */
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    /* Clear the pointer so a later reset cannot free the context twice. */
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
#endif
}
1316 :
/**
 * Reset the message MutC transcript state held in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded MutC buffer is reset.
 * Otherwise the running mutual-authentication M1/M2 hash context, if one exists, is
 * released; this is the same hash context that libspdm_reset_message_mut_b() releases.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_mut_c(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&spdm_context->transcript.message_mut_c);
#else
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        /* No running mutual-auth M1/M2 hash, nothing to release. */
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    /* Clear the pointer so a later reset cannot free the context twice. */
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
#endif
}
1334 :
/**
 * Reset the message M (L1/L2) transcript state.
 *
 * When session_info is NULL the state kept in the SPDM context is reset, otherwise
 * the state kept in that session. With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT this
 * resets the recorded message M buffer; without it, the running L1/L2 hash context,
 * if one exists, is released.
 *
 * When LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP is set and a measurement-log reset callback
 * is registered, the callback is invoked afterwards with the session ID, or with NULL
 * for the out-of-session case.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 * @param session_info A pointer to the SPDM session context, or NULL.
 **/
void libspdm_reset_message_m(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (session != NULL) {
        libspdm_reset_managed_buffer(&session->session_transcript.message_m);
    } else {
        libspdm_reset_managed_buffer(&spdm_context->transcript.message_m);
    }
#else
    if (session != NULL) {
        if (session->session_transcript.digest_context_l1l2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              session->session_transcript.digest_context_l1l2);
            /* Clear the pointer so a later reset cannot free the context twice. */
            session->session_transcript.digest_context_l1l2 = NULL;
        }
    } else {
        if (spdm_context->transcript.digest_context_l1l2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              spdm_context->transcript.digest_context_l1l2);
            spdm_context->transcript.digest_context_l1l2 = NULL;
        }
    }
#endif
#if LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP
    /* Let the integrator drop its own measurement log together with L1/L2. */
    if (spdm_context->spdm_meas_log_reset_callback != NULL) {
        spdm_context->spdm_meas_log_reset_callback(
            spdm_context, session == NULL ? NULL : &session->session_id);
    }
#endif /* LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
}
1376 :
/**
 * Reset the message K transcript state of a session.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded message K buffer is reset.
 * Otherwise both the TH hash context and its backup are released when present.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 * @param session_info A pointer to the SPDM session context. It is dereferenced
 *                     without a NULL test, so it must not be NULL.
 **/
void libspdm_reset_message_k(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&session->session_transcript.message_k);
#else
    if (session->session_transcript.digest_context_th != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          session->session_transcript.digest_context_th);
        /* Clear the pointer so a later reset cannot free the context twice. */
        session->session_transcript.digest_context_th = NULL;
    }
    if (session->session_transcript.digest_context_th_backup != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          session->session_transcript.digest_context_th_backup);
        session->session_transcript.digest_context_th_backup = NULL;
    }
#endif
}
1405 :
/**
 * Reset the message EncapD transcript cache of a session.
 *
 * EncapD is always kept as a managed buffer, independent of
 * LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT.
 *
 * @param spdm_context A pointer to the SPDM context. Not used by this function.
 * @param session_info A pointer to the SPDM session context. It is dereferenced
 *                     without a NULL test, so it must not be NULL.
 **/
void libspdm_reset_message_encap_d(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

    libspdm_reset_managed_buffer(&session->session_transcript.message_encap_d);
}
1419 :
/**
 * Reset the message F transcript state of a session.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded message F buffer is reset.
 * Otherwise, when a TH hash context exists, it is released and replaced by the backup
 * context, the backup slot is emptied, and message_f_initialized is cleared in every
 * case.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 * @param session_info A pointer to the SPDM session context. It is dereferenced
 *                     without a NULL test, so it must not be NULL.
 **/
void libspdm_reset_message_f(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&session->session_transcript.message_f);
#else
    if (session->session_transcript.digest_context_th != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          session->session_transcript.digest_context_th);
        /* Ownership of the backup moves to the live slot; emptying the backup slot
         * keeps a single owner for the context. */
        session->session_transcript.digest_context_th =
            session->session_transcript.digest_context_th_backup;
        session->session_transcript.digest_context_th_backup = NULL;
    }
    session->session_transcript.message_f_initialized = false;
#endif
}
1446 :
/**
 * Reset the message E (IL1/IL2) transcript state.
 *
 * When session_info is NULL the state kept in the SPDM context is reset, otherwise
 * the state kept in that session. With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT this
 * resets the recorded message E buffer; without it, the running IL1/IL2 hash context,
 * if one exists, is released.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 * @param session_info A pointer to the SPDM session context, or NULL.
 **/
void libspdm_reset_message_e(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (session != NULL) {
        libspdm_reset_managed_buffer(&session->session_transcript.message_e);
    } else {
        libspdm_reset_managed_buffer(&spdm_context->transcript.message_e);
    }
#else
    if (session != NULL) {
        if (session->session_transcript.digest_context_il1il2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              session->session_transcript.digest_context_il1il2);
            /* Clear the pointer so a later reset cannot free the context twice. */
            session->session_transcript.digest_context_il1il2 = NULL;
        }
    } else {
        if (spdm_context->transcript.digest_context_il1il2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              spdm_context->transcript.digest_context_il1il2);
            spdm_context->transcript.digest_context_il1il2 = NULL;
        }
    }
#endif
}
1482 :
/**
 * Reset the message encap E (encapsulated IL1/IL2) transcript state.
 *
 * When session_info is NULL the state kept in the SPDM context is reset, otherwise
 * the state kept in that session. With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT this
 * resets the recorded encap E buffer; without it, the running encapsulated IL1/IL2
 * hash context, if one exists, is released.
 *
 * @param spdm_context A pointer to the SPDM context. Must not be NULL.
 * @param session_info A pointer to the SPDM session context, or NULL.
 **/
void libspdm_reset_message_encap_e(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (session != NULL) {
        libspdm_reset_managed_buffer(&session->session_transcript.message_encap_e);
    } else {
        libspdm_reset_managed_buffer(&spdm_context->transcript.message_encap_e);
    }
#else
    if (session != NULL) {
        if (session->session_transcript.digest_context_encap_il1il2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              session->session_transcript.digest_context_encap_il1il2);
            /* Clear the pointer so a later reset cannot free the context twice. */
            session->session_transcript.digest_context_encap_il1il2 = NULL;
        }
    } else {
        if (spdm_context->transcript.digest_context_encap_il1il2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              spdm_context->transcript.digest_context_encap_il1il2);
            spdm_context->transcript.digest_context_encap_il1il2 = NULL;
        }
    }
#endif
}
1518 :
/**
 * Reset transcript state in the SPDM context according to the request code.
 *
 * - Any request other than SPDM_GET_MEASUREMENTS resets L1/L2 (message M).
 * - KEY_EXCHANGE, GET_MEASUREMENTS, FINISH, PSK_EXCHANGE, PSK_FINISH, KEY_UPDATE, HEARTBEAT,
 *   GET_ENCAPSULATED_REQUEST, END_SESSION and GET_MEASUREMENT_EXTENSION_LOG reset message B, C,
 *   MutB and MutC when the connection state is below LIBSPDM_CONNECTION_STATE_AUTHENTICATED,
 *   i.e. CHALLENGE completion was skipped and M1/M2 must not carry partial data forward.
 * - DELIVER_ENCAPSULATED_RESPONSE resets only message B and C under the same condition.
 * - GET_DIGESTS always resets message B.
 * - GET_ENDPOINT_INFO resets message E and encapsulated message E.
 *
 * @param  context       A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session context, or NULL. It is passed through to
 *                       the message M, E and encapsulated E reset functions.
 * @param  request_code  The SPDM request code.
 **/
void libspdm_reset_message_buffer_via_request_code(void *context, void *session_info,
                                                   uint8_t request_code)
{
    libspdm_context_t *spdm_context = context;
    bool before_authenticated;

    /* Any request other than SPDM_GET_MEASUREMENTS resets L1/L2. */
    if (request_code != SPDM_GET_MEASUREMENTS) {
        libspdm_reset_message_m(spdm_context, session_info);
    }

    before_authenticated = (spdm_context->connection_info.connection_state <
                            LIBSPDM_CONNECTION_STATE_AUTHENTICATED);

    switch (request_code) {
    case SPDM_GET_DIGESTS:
        libspdm_reset_message_b(spdm_context);
        break;

    case SPDM_GET_ENDPOINT_INFO:
        libspdm_reset_message_e(spdm_context, session_info);
        libspdm_reset_message_encap_e(spdm_context, session_info);
        break;

    case SPDM_DELIVER_ENCAPSULATED_RESPONSE:
        /* Only the M1/M2 parts B and C are dropped here; MutB and MutC are kept. */
        if (before_authenticated) {
            libspdm_reset_message_b(spdm_context);
            libspdm_reset_message_c(spdm_context);
        }
        break;

    case SPDM_KEY_EXCHANGE:
    case SPDM_GET_MEASUREMENTS:
    case SPDM_FINISH:
    case SPDM_PSK_EXCHANGE:
    case SPDM_PSK_FINISH:
    case SPDM_KEY_UPDATE:
    case SPDM_HEARTBEAT:
    case SPDM_GET_ENCAPSULATED_REQUEST:
    case SPDM_END_SESSION:
    case SPDM_GET_MEASUREMENT_EXTENSION_LOG:
        /* CHALLENGE was not completed: M1 and M2 (both directions) are reset to null. */
        if (before_authenticated) {
            libspdm_reset_message_b(spdm_context);
            libspdm_reset_message_c(spdm_context);
            libspdm_reset_message_mut_b(spdm_context);
            libspdm_reset_message_mut_c(spdm_context);
        }
        break;

    default:
        break;
    }
}
1581 :
/**
 * Append a message to the message_a managed buffer of the connection transcript.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return The status returned by libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_a(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
    libspdm_return_t status;

    status = libspdm_append_managed_buffer(&spdm_context->transcript.message_a,
                                           message, message_size);
    return status;
}
1588 :
/**
 * Record message D in the connection transcript, once per connection.
 *
 * Only the first message D after VCA in the connection counts. When message_d already holds
 * data the call returns success without touching the buffer, so the transcript stays bound to
 * the first message D.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS  message_d was already populated and is left unchanged.
 * @return Otherwise the status returned by libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_d(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
    if (libspdm_get_managed_buffer_size(&spdm_context->transcript.message_d) == 0) {
        return libspdm_append_managed_buffer(&spdm_context->transcript.message_d,
                                             message, message_size);
    }

    /* A message D is already recorded; later ones are ignored. */
    return LIBSPDM_STATUS_SUCCESS;
}
1599 :
/**
 * Append a message to the B part of the M1/M2 transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the message_b managed
 * buffer. Otherwise they are folded into the running digest_context_m1m2 hash, which is created
 * on first use and seeded with message_a.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS       The message was folded into the running hash.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR  A hash operation failed. A hash context that was already
 *                                      allocated has been freed and its pointer cleared.
 * @return In the managed-buffer build, the status of libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_b(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_b,
                                         message, message_size);
#else
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        /* First use: create the running hash and seed it with message_a. */
        spdm_context->transcript.digest_context_m1m2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_context->transcript.digest_context_m1m2)) {
            goto discard_digest;
        }
        if (!libspdm_hash_update(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_context->transcript.digest_context_m1m2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
            goto discard_digest;
        }
    }

    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_context->transcript.digest_context_m1m2, message,
                             message_size)) {
        goto discard_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_digest:
    /* Never leave a half-built hash context behind: free it and clear the handle. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1652 :
/**
 * Append a message to the C part of the M1/M2 transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the message_c managed
 * buffer. Otherwise they are folded into the running digest_context_m1m2 hash (the same context
 * libspdm_append_message_b() uses), which is created on first use and seeded with message_a.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS       The message was folded into the running hash.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR  A hash operation failed. A hash context that was already
 *                                      allocated has been freed and its pointer cleared.
 * @return In the managed-buffer build, the status of libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_c(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_c,
                                         message, message_size);
#else
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        /* First use: create the running hash and seed it with message_a. */
        spdm_context->transcript.digest_context_m1m2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_context->transcript.digest_context_m1m2)) {
            goto discard_digest;
        }
        if (!libspdm_hash_update(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_context->transcript.digest_context_m1m2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
            goto discard_digest;
        }
    }

    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_context->transcript.digest_context_m1m2, message,
                             message_size)) {
        goto discard_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_digest:
    /* Never leave a half-built hash context behind: free it and clear the handle. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1705 :
/**
 * Append a message to the MutB part of the mutual-authentication M1/M2 transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the message_mut_b
 * managed buffer. Otherwise they are folded into the running digest_context_mut_m1m2 hash. That
 * context is created on first use and, when the negotiated version is above
 * SPDM_MESSAGE_VERSION_11, seeded with message_a (VCA).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS       The message was folded into the running hash.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR  A hash operation failed. A hash context that was already
 *                                      allocated has been freed and its pointer cleared.
 * @return In the managed-buffer build, the status of libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_mut_b(libspdm_context_t *spdm_context, const void *message,
                                              size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_mut_b,
                                         message, message_size);
#else
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        spdm_context->transcript.digest_context_mut_m1m2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_context->transcript.digest_context_mut_m1m2)) {
            goto discard_digest;
        }
        if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
            SPDM_MESSAGE_VERSION_11) {
            /* VCA has to be part of the transcript since 1.2. */
            if (!libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_context->transcript.digest_context_mut_m1m2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto discard_digest;
            }
        }
    }

    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_context->transcript.digest_context_mut_m1m2, message,
                             message_size)) {
        goto discard_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_digest:
    /* Never leave a half-built hash context behind: free it and clear the handle. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1763 :
/**
 * Append a message to the MutC part of the mutual-authentication M1/M2 transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the message_mut_c
 * managed buffer. Otherwise they are folded into the running digest_context_mut_m1m2 hash (the
 * same context libspdm_append_message_mut_b() uses). That context is created on first use and,
 * when the negotiated version is above SPDM_MESSAGE_VERSION_11, seeded with message_a (VCA).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS       The message was folded into the running hash.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR  A hash operation failed. A hash context that was already
 *                                      allocated has been freed and its pointer cleared.
 * @return In the managed-buffer build, the status of libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_mut_c(libspdm_context_t *spdm_context, const void *message,
                                              size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_mut_c,
                                         message, message_size);
#else
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        spdm_context->transcript.digest_context_mut_m1m2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_context->transcript.digest_context_mut_m1m2)) {
            goto discard_digest;
        }
        if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
            SPDM_MESSAGE_VERSION_11) {
            /* VCA has to be part of the transcript since 1.2. */
            if (!libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_context->transcript.digest_context_mut_m1m2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto discard_digest;
            }
        }
    }

    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_context->transcript.digest_context_mut_m1m2, message,
                             message_size)) {
        goto discard_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_digest:
    /* Never leave a half-built hash context behind: free it and clear the handle. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1821 :
/**
 * Append a message to the L1/L2 (message M) transcript.
 *
 * If session_info is NULL the transcript of the SPDM context is used, otherwise the transcript
 * of the SPDM session context is used.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the message_m managed
 * buffer. Otherwise they are folded into the running digest_context_l1l2 hash of the selected
 * scope. That context is created on first use and, when the negotiated version is above
 * SPDM_MESSAGE_VERSION_11, seeded with message_a (VCA) from the SPDM context.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session context, or NULL.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS       The message was folded into the running hash.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR  A hash operation failed. A hash context that was already
 *                                      allocated has been freed and its pointer cleared.
 * @return In the managed-buffer build, the status of libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_m(libspdm_context_t *spdm_context, void *session_info,
                                          const void *message, size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (spdm_session_info != NULL) {
        return libspdm_append_managed_buffer(&spdm_session_info->session_transcript.message_m,
                                             message, message_size);
    }
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_m,
                                         message, message_size);
#else
    if (spdm_session_info != NULL) {
        /* Session scope. */
        if (spdm_session_info->session_transcript.digest_context_l1l2 == NULL) {
            spdm_session_info->session_transcript.digest_context_l1l2 =
                libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
            if (spdm_session_info->session_transcript.digest_context_l1l2 == NULL) {
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                                   spdm_session_info->session_transcript.digest_context_l1l2)) {
                goto discard_session_digest;
            }
            if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
                SPDM_MESSAGE_VERSION_11) {
                /* VCA has to be part of the transcript since 1.2. */
                if (!libspdm_hash_update(
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        spdm_session_info->session_transcript.digest_context_l1l2,
                        libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                        libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                    goto discard_session_digest;
                }
            }
        }
        if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                                 spdm_session_info->session_transcript.digest_context_l1l2,
                                 message, message_size)) {
            goto discard_session_digest;
        }
        return LIBSPDM_STATUS_SUCCESS;
    }

    /* Connection scope. */
    if (spdm_context->transcript.digest_context_l1l2 == NULL) {
        spdm_context->transcript.digest_context_l1l2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_l1l2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_context->transcript.digest_context_l1l2)) {
            goto discard_context_digest;
        }
        if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
            SPDM_MESSAGE_VERSION_11) {
            /* VCA has to be part of the transcript since 1.2. */
            if (!libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_context->transcript.digest_context_l1l2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto discard_context_digest;
            }
        }
    }
    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_context->transcript.digest_context_l1l2, message,
                             message_size)) {
        goto discard_context_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_session_digest:
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_session_info->session_transcript.digest_context_l1l2);
    spdm_session_info->session_transcript.digest_context_l1l2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;

discard_context_digest:
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_l1l2);
    spdm_context->transcript.digest_context_l1l2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1933 :
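/**
 * Append a message to the session handshake transcript (message K / TH).
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the session's message_k
 * managed buffer. Otherwise they are folded into the session's running digest_context_th hash.
 * On first use that context is created and seeded, in order, with:
 *   1. message_a from the SPDM context;
 *   2. for non-PSK sessions, message_d when multi_key_conn_rsp is set;
 *   3. for non-PSK sessions, the hash of the Responder's certificate chain (or of its
 *      provisioned public key when the slot id is 0xFF). The Requester takes it from the peer
 *      data, the Responder from its local data.
 *
 * Every failure after the hash context has been allocated frees the context and clears
 * digest_context_th, so that no later append, reset or free can touch a freed handle. This
 * matches what libspdm_append_message_f() does for the same context.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session context. It is dereferenced
 *                       unconditionally and must not be NULL.
 * @param  is_requester  true when the caller is the Requester.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS              The message was folded into the running hash.
 * @retval LIBSPDM_STATUS_INVALID_STATE_PEER   The peer public key buffer is not available.
 * @retval LIBSPDM_STATUS_INVALID_STATE_LOCAL  The local public key buffer is not available.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR         A hash operation failed.
 * @return In the managed-buffer build, the status of libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_k(libspdm_context_t *spdm_context,
                                          void *session_info,
                                          bool is_requester, const void *message,
                                          size_t message_size)
{
    libspdm_session_info_t *spdm_session_info;

    spdm_session_info = session_info;
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(
        &spdm_session_info->session_transcript.message_k, message,
        message_size);
#else
    {
        /* Read-only view of the chain or key, const like in libspdm_append_message_f(). */
        const uint8_t *cert_chain_buffer;
        size_t cert_chain_buffer_size;
        bool result;
        uint8_t cert_chain_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
        uint32_t hash_size;
        uint8_t slot_id;

        hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);

        /* Work out the certificate chain hash before the hash context exists, so that the
         * early returns below have nothing to clean up. */
        if (spdm_session_info->session_transcript.digest_context_th == NULL) {
            if (!spdm_session_info->use_psk) {
                if (is_requester) {
                    slot_id = spdm_session_info->peer_used_cert_chain_slot_id;
                    /* NOTE(review): slot_id indexes peer_used_cert_chain below and is only
                     * range-checked by this assert; confirm callers validate it for builds
                     * where LIBSPDM_ASSERT does not stop execution. */
                    LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                    if (slot_id == 0xFF) {
                        result = libspdm_get_peer_public_key_buffer(
                            spdm_context, (const void **)&cert_chain_buffer,
                            &cert_chain_buffer_size);
                        if (!result) {
                            return LIBSPDM_STATUS_INVALID_STATE_PEER;
                        }

                        result = libspdm_hash_all(
                            spdm_context->connection_info.algorithm.base_hash_algo,
                            cert_chain_buffer, cert_chain_buffer_size,
                            cert_chain_buffer_hash);
                        if (!result) {
                            return LIBSPDM_STATUS_CRYPTO_ERROR;
                        }
                    } else {
                        LIBSPDM_ASSERT(
                            hash_size ==
                            spdm_context->connection_info
                            .peer_used_cert_chain[slot_id].buffer_hash_size);

                        /* The peer chain hash was stored earlier; reuse it. */
                        libspdm_copy_mem(cert_chain_buffer_hash,
                                         sizeof(cert_chain_buffer_hash),
                                         spdm_context->connection_info
                                         .peer_used_cert_chain[slot_id].buffer_hash,
                                         hash_size);
                    }
                } else {
                    slot_id = spdm_session_info->local_used_cert_chain_slot_id;
                    LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                    if (slot_id == 0xFF) {
                        result = libspdm_get_local_public_key_buffer(
                            spdm_context, (const void **)&cert_chain_buffer,
                            &cert_chain_buffer_size);
                        if (!result) {
                            return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
                        }
                    } else {
                        /* NOTE(review): the result of this lookup is not checked here; confirm
                         * it cannot leave cert_chain_buffer unset for a provisioned slot. */
                        libspdm_get_local_cert_chain_buffer(
                            spdm_context, slot_id, (const void **)&cert_chain_buffer,
                            &cert_chain_buffer_size);
                    }

                    result = libspdm_hash_all(
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        cert_chain_buffer, cert_chain_buffer_size,
                        cert_chain_buffer_hash);
                    if (!result) {
                        return LIBSPDM_STATUS_CRYPTO_ERROR;
                    }
                }
            }
        }

        /* prepare digest_context_th */
        if (spdm_session_info->session_transcript.digest_context_th == NULL) {
            spdm_session_info->session_transcript.digest_context_th = libspdm_hash_new(
                spdm_context->connection_info.algorithm.base_hash_algo);
            if (spdm_session_info->session_transcript.digest_context_th == NULL) {
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            result = libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                                       spdm_session_info->session_transcript.digest_context_th);
            if (!result) {
                goto discard_th;
            }
            result = libspdm_hash_update(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_th,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
            if (!result) {
                goto discard_th;
            }
            if (!spdm_session_info->use_psk) {
                if (spdm_context->connection_info.multi_key_conn_rsp) {
                    result = libspdm_hash_update(
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        spdm_session_info->session_transcript.digest_context_th,
                        libspdm_get_managed_buffer(&spdm_context->transcript.message_d),
                        libspdm_get_managed_buffer_size(&spdm_context->transcript.message_d));
                    if (!result) {
                        goto discard_th;
                    }
                }

                result = libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_th,
                    cert_chain_buffer_hash, hash_size);
                if (!result) {
                    goto discard_th;
                }
            }
        }

        result = libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                                     spdm_session_info->session_transcript.digest_context_th,
                                     message,
                                     message_size);
        if (!result) {
            goto discard_th;
        }
        return LIBSPDM_STATUS_SUCCESS;

discard_th:
        /* Free the context AND clear the handle. Freeing without clearing left a dangling
         * digest_context_th that the next append or reset would use or free again. */
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          spdm_session_info->session_transcript.digest_context_th);
        spdm_session_info->session_transcript.digest_context_th = NULL;
        return LIBSPDM_STATUS_CRYPTO_ERROR;
    }
#endif
}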
2081 :
/**
 * Record encapsulated message D in the session transcript, once per session.
 *
 * Only the first message EncapD in the current session counts. When message_encap_d already
 * holds data the call returns success without touching the buffer.
 *
 * @param  spdm_context  A pointer to the SPDM context (not used by this function).
 * @param  session_info  A pointer to the SPDM session context. It is dereferenced
 *                       unconditionally and must not be NULL.
 * @param  is_requester  Not used by this function.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS  message_encap_d was already populated and is left unchanged.
 * @return Otherwise the status returned by libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_encap_d(libspdm_context_t *spdm_context,
                                                void *session_info,
                                                bool is_requester, const void *message,
                                                size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

    if (libspdm_get_managed_buffer_size(
            &spdm_session_info->session_transcript.message_encap_d) == 0) {
        return libspdm_append_managed_buffer(
            &spdm_session_info->session_transcript.message_encap_d, message,
            message_size);
    }

    /* An EncapD message is already recorded; later ones are ignored. */
    return LIBSPDM_STATUS_SUCCESS;
}
2099 :
/**
 * Append a message to the session finish transcript (message F / TH).
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the session's message_f
 * managed buffer. Otherwise they are folded into the session's running digest_context_th hash.
 *
 * On the first call of a session (message_f_initialized is false) the function additionally:
 *   - creates digest_context_th through libspdm_append_message_k() when it does not exist yet;
 *   - duplicates the current digest_context_th into digest_context_th_backup, which the
 *     original comment says is used by reset_message_f;
 *   - for non-PSK sessions with mutual authentication requested, folds in message_encap_d when
 *     multi_key_conn_req is set, followed by the hash of the Requester's certificate chain (or
 *     of its public key when the slot id is 0xFF).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session context. It is dereferenced
 *                       unconditionally and must not be NULL.
 * @param  is_requester  true when the caller is the Requester.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS              The message was folded into the running hash.
 * @retval LIBSPDM_STATUS_INVALID_STATE_LOCAL  The local public key buffer is not available.
 * @retval LIBSPDM_STATUS_INVALID_STATE_PEER   The peer public key buffer is not available.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR         A hash operation failed.
 * @return An error from libspdm_append_message_k(), or in the managed-buffer build the status
 *         of libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_f(libspdm_context_t *spdm_context,
                                          void *session_info,
                                          bool is_requester, const void *message,
                                          size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(
        &spdm_session_info->session_transcript.message_f, message,
        message_size);
#else
    {
        const uint8_t *mut_cert_chain_buffer;
        size_t mut_cert_chain_buffer_size;
        uint8_t mut_cert_chain_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
        uint32_t hash_size;
        libspdm_return_t status;
        uint8_t slot_id;
        bool first_call;
        bool bind_mut_cert;

        hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);
        first_call = !spdm_session_info->session_transcript.message_f_initialized;
        bind_mut_cert = false;

        if (first_call) {
            /* digest_context_th might be NULL in unit test, where message_k is hardcoded. */
            if (spdm_session_info->session_transcript.digest_context_th == NULL) {
                status = libspdm_append_message_k(spdm_context, session_info, is_requester,
                                                  NULL, 0);
                if (LIBSPDM_STATUS_IS_ERROR(status)) {
                    return status;
                }
            }

            /* The Requester's certificate is bound only for mutually authenticated,
             * non-PSK sessions. */
            bind_mut_cert = !spdm_session_info->use_psk &&
                            (spdm_session_info->mut_auth_requested != 0);
            if (bind_mut_cert) {
                if (is_requester) {
                    slot_id = spdm_session_info->local_used_cert_chain_slot_id;
                    LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                    if (slot_id != 0xFF) {
                        libspdm_get_local_cert_chain_buffer(
                            spdm_context,
                            slot_id,
                            (const void **)&mut_cert_chain_buffer,
                            &mut_cert_chain_buffer_size);
                    } else if (!libspdm_get_local_public_key_buffer(
                                   spdm_context,
                                   (const void **)&mut_cert_chain_buffer,
                                   &mut_cert_chain_buffer_size)) {
                        return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
                    }

                    if (!libspdm_hash_all(
                            spdm_context->connection_info.algorithm.base_hash_algo,
                            mut_cert_chain_buffer, mut_cert_chain_buffer_size,
                            mut_cert_chain_buffer_hash)) {
                        return LIBSPDM_STATUS_CRYPTO_ERROR;
                    }
                } else {
                    slot_id = spdm_session_info->peer_used_cert_chain_slot_id;
                    /* NOTE(review): slot_id indexes peer_used_cert_chain below and is only
                     * range-checked by this assert; confirm callers validate it. */
                    LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                    if (slot_id != 0xFF) {
                        LIBSPDM_ASSERT(
                            hash_size ==
                            spdm_context->connection_info
                            .peer_used_cert_chain[slot_id].buffer_hash_size);

                        /* The peer chain hash was stored earlier; reuse it. */
                        libspdm_copy_mem(mut_cert_chain_buffer_hash,
                                         sizeof(mut_cert_chain_buffer_hash),
                                         spdm_context->connection_info
                                         .peer_used_cert_chain[slot_id].buffer_hash,
                                         hash_size);
                    } else {
                        if (!libspdm_get_peer_public_key_buffer(
                                spdm_context,
                                (const void **)&mut_cert_chain_buffer,
                                &mut_cert_chain_buffer_size)) {
                            return LIBSPDM_STATUS_INVALID_STATE_PEER;
                        }
                        if (!libspdm_hash_all(
                                spdm_context->connection_info.algorithm.base_hash_algo,
                                mut_cert_chain_buffer, mut_cert_chain_buffer_size,
                                mut_cert_chain_buffer_hash)) {
                            return LIBSPDM_STATUS_CRYPTO_ERROR;
                        }
                    }
                }
            }

            /* First call: back up the current message_k context. The backup is used in
             * reset_message_f.
             * NOTE(review): the previous value of digest_context_th_backup is overwritten
             * without a check; confirm it is always NULL here, including after a failed
             * first call that returned before message_f_initialized was set. */
            LIBSPDM_ASSERT(spdm_session_info->session_transcript.digest_context_th != NULL);
            spdm_session_info->session_transcript.digest_context_th_backup =
                libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
            if (spdm_session_info->session_transcript.digest_context_th_backup == NULL) {
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            if (!libspdm_hash_duplicate(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_th,
                    spdm_session_info->session_transcript.digest_context_th_backup)) {
                libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                                  spdm_session_info->session_transcript.digest_context_th_backup);
                spdm_session_info->session_transcript.digest_context_th_backup = NULL;
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
        }

        /* prepare digest_context_th */
        LIBSPDM_ASSERT(spdm_session_info->session_transcript.digest_context_th != NULL);
        if (bind_mut_cert) {
            if (spdm_context->connection_info.multi_key_conn_req) {
                if (!libspdm_hash_update(
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        spdm_session_info->session_transcript.digest_context_th,
                        libspdm_get_managed_buffer(
                            &spdm_session_info->session_transcript.message_encap_d),
                        libspdm_get_managed_buffer_size(
                            &spdm_session_info->session_transcript.message_encap_d))) {
                    goto discard_th;
                }
            }

            if (!libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_th,
                    mut_cert_chain_buffer_hash, hash_size)) {
                goto discard_th;
            }
        }

        if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                                 spdm_session_info->session_transcript.digest_context_th,
                                 message,
                                 message_size)) {
            goto discard_th;
        }

        spdm_session_info->session_transcript.message_f_initialized = true;
        return LIBSPDM_STATUS_SUCCESS;

discard_th:
        /* Free the running TH context and clear the handle so nothing reuses it. */
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          spdm_session_info->session_transcript.digest_context_th);
        spdm_session_info->session_transcript.digest_context_th = NULL;
        return LIBSPDM_STATUS_CRYPTO_ERROR;
    }
#endif
}
2265 :
/**
 * Append a message to the message_e transcript.
 *
 * When LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT is enabled the bytes are appended to the
 * message_e managed buffer. Otherwise they are folded into the running digest_context_il1il2
 * hash, which is created on first use and seeded with the contents of message_a.
 *
 * On any hash failure the digest context is freed and reset to NULL. A later call would then
 * start a fresh digest seeded with message_a only, so everything hashed before the failure is
 * gone; a LIBSPDM_STATUS_CRYPTO_ERROR should be treated as ending this transcript.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  The session whose transcript is extended, or NULL to use the
 *                       transcript stored directly in spdm_context.
 * @param  message       The message bytes to append.
 * @param  message_size  The size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS       The message was folded into the digest.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR  Creating, initializing or updating the hash failed.
 * @return In record-transcript builds, the status of libspdm_append_managed_buffer.
 **/
libspdm_return_t libspdm_append_message_e(libspdm_context_t *spdm_context, void *session_info,
                                          const void *message, size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (spdm_session_info != NULL) {
        return libspdm_append_managed_buffer(&spdm_session_info->session_transcript.message_e,
                                             message, message_size);
    }
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_e,
                                         message, message_size);
#else
    /* Stays true when the digest context already exists and no setup is needed. */
    bool hash_ok = true;

    if (spdm_session_info != NULL) {
        /* Session-scoped digest. */
        if (spdm_session_info->session_transcript.digest_context_il1il2 == NULL) {
            spdm_session_info->session_transcript.digest_context_il1il2 =
                libspdm_hash_new (spdm_context->connection_info.algorithm.base_hash_algo);
            if (spdm_session_info->session_transcript.digest_context_il1il2 == NULL) {
                /* Nothing was allocated, so there is nothing to free. */
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }

            hash_ok = libspdm_hash_init (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_il1il2);
            if (hash_ok) {
                /* A new digest always begins with message_a, taken from the context. */
                hash_ok = libspdm_hash_update (
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_il1il2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
            }
        }

        if (hash_ok) {
            hash_ok = libspdm_hash_update (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_il1il2,
                message, message_size);
        }

        if (!hash_ok) {
            /* Drop the half-built digest so it can never be finalized and trusted. */
            libspdm_hash_free (spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_session_info->session_transcript.digest_context_il1il2);
            spdm_session_info->session_transcript.digest_context_il1il2 = NULL;
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }

        return LIBSPDM_STATUS_SUCCESS;
    }

    /* No session: use the digest stored directly in the SPDM context. */
    if (spdm_context->transcript.digest_context_il1il2 == NULL) {
        spdm_context->transcript.digest_context_il1il2 =
            libspdm_hash_new (spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_il1il2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }

        hash_ok = libspdm_hash_init (spdm_context->connection_info.algorithm.base_hash_algo,
                                     spdm_context->transcript.digest_context_il1il2);
        if (hash_ok) {
            hash_ok = libspdm_hash_update (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_context->transcript.digest_context_il1il2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
        }
    }

    if (hash_ok) {
        hash_ok = libspdm_hash_update (spdm_context->connection_info.algorithm.base_hash_algo,
                                       spdm_context->transcript.digest_context_il1il2,
                                       message, message_size);
    }

    if (!hash_ok) {
        libspdm_hash_free (spdm_context->connection_info.algorithm.base_hash_algo,
                           spdm_context->transcript.digest_context_il1il2);
        spdm_context->transcript.digest_context_il1il2 = NULL;
        return LIBSPDM_STATUS_CRYPTO_ERROR;
    }

    return LIBSPDM_STATUS_SUCCESS;
#endif
}
2366 :
/**
 * Append a message to the message_encap_e transcript.
 *
 * When LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT is enabled the bytes are appended to the
 * message_encap_e managed buffer. Otherwise they are folded into the running
 * digest_context_encap_il1il2 hash, which is created on first use and seeded with the
 * contents of message_a.
 *
 * On any hash failure the digest context is freed and reset to NULL. A later call would then
 * start a fresh digest seeded with message_a only, so a LIBSPDM_STATUS_CRYPTO_ERROR should be
 * treated as ending this transcript.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  The session whose transcript is extended, or NULL to use the
 *                       transcript stored directly in spdm_context.
 * @param  message       The message bytes to append.
 * @param  message_size  The size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS       The message was folded into the digest.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR  Creating, initializing or updating the hash failed.
 * @return In record-transcript builds, the status of libspdm_append_managed_buffer.
 **/
libspdm_return_t libspdm_append_message_encap_e(libspdm_context_t *spdm_context, void *session_info,
                                                const void *message, size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (spdm_session_info != NULL) {
        return libspdm_append_managed_buffer(
            &spdm_session_info->session_transcript.message_encap_e, message, message_size);
    }
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_encap_e,
                                         message, message_size);
#else
    /* Stays true when the digest context already exists and no setup is needed. */
    bool hash_ok = true;

    if (spdm_session_info != NULL) {
        /* Session-scoped digest. */
        if (spdm_session_info->session_transcript.digest_context_encap_il1il2 == NULL) {
            spdm_session_info->session_transcript.digest_context_encap_il1il2 =
                libspdm_hash_new (spdm_context->connection_info.algorithm.base_hash_algo);
            if (spdm_session_info->session_transcript.digest_context_encap_il1il2 == NULL) {
                /* Nothing was allocated, so there is nothing to free. */
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }

            hash_ok = libspdm_hash_init (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_encap_il1il2);
            if (hash_ok) {
                /* A new digest always begins with message_a, taken from the context. */
                hash_ok = libspdm_hash_update (
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_encap_il1il2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
            }
        }

        if (hash_ok) {
            hash_ok = libspdm_hash_update (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_encap_il1il2,
                message, message_size);
        }

        if (!hash_ok) {
            /* Drop the half-built digest so it can never be finalized and trusted. */
            libspdm_hash_free (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_encap_il1il2);
            spdm_session_info->session_transcript.digest_context_encap_il1il2 = NULL;
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }

        return LIBSPDM_STATUS_SUCCESS;
    }

    /* No session: use the digest stored directly in the SPDM context. */
    if (spdm_context->transcript.digest_context_encap_il1il2 == NULL) {
        spdm_context->transcript.digest_context_encap_il1il2 =
            libspdm_hash_new (spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_encap_il1il2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }

        hash_ok = libspdm_hash_init (spdm_context->connection_info.algorithm.base_hash_algo,
                                     spdm_context->transcript.digest_context_encap_il1il2);
        if (hash_ok) {
            hash_ok = libspdm_hash_update (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_context->transcript.digest_context_encap_il1il2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
        }
    }

    if (hash_ok) {
        hash_ok = libspdm_hash_update (spdm_context->connection_info.algorithm.base_hash_algo,
                                       spdm_context->transcript.digest_context_encap_il1il2,
                                       message, message_size);
    }

    if (!hash_ok) {
        libspdm_hash_free (spdm_context->connection_info.algorithm.base_hash_algo,
                           spdm_context->transcript.digest_context_encap_il1il2);
        spdm_context->transcript.digest_context_encap_il1il2 = NULL;
        return LIBSPDM_STATUS_CRYPTO_ERROR;
    }

    return LIBSPDM_STATUS_SUCCESS;
#endif
}
/**
 * Report whether a given SPDM version is the one recorded for the connection by
 * GET_VERSION/VERSION.
 *
 * The check is an exact match against connection_info.version shifted right by
 * SPDM_VERSION_NUMBER_SHIFT_BIT; it is not a "this version or newer" test.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  version       The SPDM version.
 *
 * @retval true   the version is supported.
 * @retval false  the version is not supported.
 **/
bool libspdm_is_version_supported(const libspdm_context_t *spdm_context, uint8_t version)
{
    return version == (spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT);
}
2485 :
/**
 * Return the connection version negotiated by GET_VERSION/VERSION.
 *
 * The value is connection_info.version shifted right by SPDM_VERSION_NUMBER_SHIFT_BIT and
 * narrowed to 8 bits.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 *
 * @return the connection version.
 **/
uint8_t libspdm_get_connection_version(const libspdm_context_t *spdm_context)
{
    uint8_t connection_version;

    connection_version =
        (uint8_t)(spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT);
    return connection_version;
}
2497 :
/**
 * Report whether capability flags are set for the current SPDM connection.
 *
 * The requester's flags are read from the local context when is_requester is true and from
 * the connection info otherwise; the responder's flags come from the other of the two.
 *
 * A mask of 0 skips the check for that side. A non-zero mask passes when ANY of its bits is
 * set, so a caller that needs several capabilities at once must test them one call at a time.
 *
 * @param  spdm_context                 A pointer to the SPDM context.
 * @param  is_requester                 Is the function called from a requester.
 * @param  requester_capabilities_flag  The requester capabilities flag to be checked
 * @param  responder_capabilities_flag  The responder capabilities flag to be checked
 *
 * @retval true   the capabilities flag is supported.
 * @retval false  the capabilities flag is not supported.
 **/
bool libspdm_is_capabilities_flag_supported(const libspdm_context_t *spdm_context,
                                            bool is_requester,
                                            uint32_t requester_capabilities_flag,
                                            uint32_t responder_capabilities_flag)
{
    const uint32_t local_flags = spdm_context->local_context.capability.flags;
    const uint32_t peer_flags = spdm_context->connection_info.capability.flags;
    const uint32_t requester_flags = is_requester ? local_flags : peer_flags;
    const uint32_t responder_flags = is_requester ? peer_flags : local_flags;

    if ((requester_capabilities_flag != 0) &&
        ((requester_flags & requester_capabilities_flag) == 0)) {
        return false;
    }

    if ((responder_capabilities_flag != 0) &&
        ((responder_flags & responder_capabilities_flag) == 0)) {
        return false;
    }

    return true;
}
2536 :
/**
 * Report whether extended capability flags are set for the current SPDM connection.
 *
 * The requester's extended flags are read from the local context when is_requester is true
 * and from the connection info otherwise; the responder's come from the other of the two.
 *
 * A mask of 0 skips the check for that side. A non-zero mask passes when ANY of its bits is
 * set, so a caller that needs several capabilities at once must test them one call at a time.
 *
 * @param  spdm_context                     A pointer to the SPDM context.
 * @param  is_requester                     Is the function called from a requester.
 * @param  requester_capabilities_ext_flag  The requester capabilities extended flag to be checked
 * @param  responder_capabilities_ext_flag  The responder capabilities extended flag to be checked
 *
 * @retval true   the capabilities extended flag is supported.
 * @retval false  the capabilities extended flag is not supported.
 **/
bool libspdm_is_capabilities_ext_flag_supported(const libspdm_context_t *spdm_context,
                                                bool is_requester,
                                                uint16_t requester_capabilities_ext_flag,
                                                uint16_t responder_capabilities_ext_flag)
{
    const uint16_t local_ext_flags = spdm_context->local_context.capability.ext_flags;
    const uint16_t peer_ext_flags = spdm_context->connection_info.capability.ext_flags;
    const uint16_t requester_ext_flags = is_requester ? local_ext_flags : peer_ext_flags;
    const uint16_t responder_ext_flags = is_requester ? peer_ext_flags : local_ext_flags;

    if ((requester_capabilities_ext_flag != 0) &&
        ((requester_ext_flags & requester_capabilities_ext_flag) == 0)) {
        return false;
    }

    if ((responder_capabilities_ext_flag != 0) &&
        ((responder_ext_flags & responder_capabilities_ext_flag) == 0)) {
        return false;
    }

    return true;
}
2575 :
/**
 * Report whether both endpoints advertise support for encapsulated requests.
 *
 * SPDM 1.0 always yields false. SPDM 1.2 accepts either ENCAP_CAP or MUT_AUTH_CAP on each
 * side. Every other version requires ENCAP_CAP on both sides.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 *
 * @retval true   encapsulated requests are supported by requester and responder.
 * @retval false  the connection version is 1.0, or one side lacks the capability.
 **/
bool libspdm_is_encap_supported(const libspdm_context_t *spdm_context)
{
    const uint8_t connection_version = libspdm_get_connection_version(spdm_context);

    if (connection_version == SPDM_MESSAGE_VERSION_10) {
        return false;
    }

    if (connection_version != SPDM_MESSAGE_VERSION_12) {
        /* For SPDM 1.1 and 1.3 and later only check ENCAP_CAP. */
        return libspdm_is_capabilities_flag_supported(
            spdm_context, spdm_context->local_context.is_requester,
            SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP,
            SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP);
    }

    /* ENCAP_CAP was erroneously deprecated in SPDM 1.2.0 and 1.2.1, with MUT_AUTH_CAP used in
     * its place; SPDM 1.2.2 and later undeprecate ENCAP_CAP. UpdateVersionNumber must be
     * ignored when checking interoperability, so the two 1.2 flavours cannot be told apart
     * here and either flag is accepted on each side. */
    {
        const bool req_has_encap_cap = libspdm_is_capabilities_flag_supported(
            spdm_context, spdm_context->local_context.is_requester,
            SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP, 0);
        const bool req_has_mut_auth_cap = libspdm_is_capabilities_flag_supported(
            spdm_context, spdm_context->local_context.is_requester,
            SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP, 0);
        const bool rsp_has_encap_cap = libspdm_is_capabilities_flag_supported(
            spdm_context, spdm_context->local_context.is_requester,
            0, SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP);
        const bool rsp_has_mut_auth_cap = libspdm_is_capabilities_flag_supported(
            spdm_context, spdm_context->local_context.is_requester,
            0, SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP);

        if (!(req_has_encap_cap || req_has_mut_auth_cap)) {
            return false;
        }
        return (rsp_has_encap_cap || rsp_has_mut_auth_cap);
    }
}
2608 :
/**
 * Register SPDM device input/output functions.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * The two callbacks are stored in the context as given; neither is checked for NULL here.
 *
 * @param  spdm_context     A pointer to the SPDM context.
 * @param  send_message     The function to send an SPDM transport layer message.
 * @param  receive_message  The function to receive an SPDM transport layer message.
 **/
void libspdm_register_device_io_func(
    void *spdm_context, libspdm_device_send_message_func send_message,
    libspdm_device_receive_message_func receive_message)
{
    libspdm_context_t *context = spdm_context;

    context->receive_message = receive_message;
    context->send_message = send_message;
}
2628 :
/**
 * Register SPDM device buffer management functions.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * The sender_buffer_size and receiver_buffer_size must be no smaller than
 * MAX (non-secure Transport Message Header Size +
 *          SPDM_CAPABILITIES.DataTransferSize +
 *          max alignment pad size (transport specific),
 *      secure Transport Message Header Size +
 *          sizeof(spdm_secured_message_a_data_header1_t) +
 *          length of sequence_number (transport specific) +
 *          sizeof(spdm_secured_message_a_data_header2_t) +
 *          sizeof(spdm_secured_message_cipher_header_t) +
 *          App Message Header Size (transport specific) +
 *          SPDM_CAPABILITIES.DataTransferSize +
 *          maximum random data size (transport specific) +
 *          AEAD MAC size (16) +
 *          max alignment pad size (transport specific)).
 *
 * Finally, the SPDM_CAPABILITIES.DataTransferSize will be calculated based upon it: each
 * buffer size minus the transport header and tail sizes currently stored in the context is
 * written to sender_data_transfer_size and data_transfer_size respectively.
 *
 * For MCTP,
 *     Transport Message Header Size = sizeof(mctp_message_header_t)
 *     length of sequence_number = 2
 *     App Message Header Size = sizeof(mctp_message_header_t)
 *     maximum random data size = MCTP_MAX_RANDOM_NUMBER_COUNT
 *     max alignment pad size = 0
 * For PCI_DOE,
 *     Transport Message Header Size = sizeof(pci_doe_data_object_header_t)
 *     length of sequence_number = 0
 *     App Message Header Size = 0
 *     maximum random data size = 0
 *     max alignment pad size = 3
 *
 * NOTE(review): the size requirements are enforced by LIBSPDM_ASSERT only and the function
 * cannot report failure. If LIBSPDM_ASSERT does nothing in some build configurations
 * (confirm), an undersized buffer makes the unsigned subtraction wrap and a very large
 * transfer size is recorded, so integrators should validate the sizes before calling.
 *
 * @param  spdm_context             A pointer to the SPDM context.
 * @param  sender_buffer_size       Size in bytes of the sender buffer.
 * @param  receiver_buffer_size     Size in bytes of the receiver buffer.
 * @param  acquire_sender_buffer    The function to acquire transport layer sender buffer.
 * @param  release_sender_buffer    The function to release transport layer sender buffer.
 * @param  acquire_receiver_buffer  The function to acquire transport layer receiver buffer.
 * @param  release_receiver_buffer  The function to release transport layer receiver buffer.
 **/
void libspdm_register_device_buffer_func(
    void *spdm_context,
    uint32_t sender_buffer_size,
    uint32_t receiver_buffer_size,
    libspdm_device_acquire_sender_buffer_func acquire_sender_buffer,
    libspdm_device_release_sender_buffer_func release_sender_buffer,
    libspdm_device_acquire_receiver_buffer_func acquire_receiver_buffer,
    libspdm_device_release_receiver_buffer_func release_receiver_buffer)
{
    libspdm_context_t *context = spdm_context;
    uint32_t sender_payload_size;
    uint32_t receiver_payload_size;

    /* Record the raw buffer geometry and the callbacks exactly as supplied. */
    context->sender_buffer_size = sender_buffer_size;
    context->receiver_buffer_size = receiver_buffer_size;
    context->acquire_sender_buffer = acquire_sender_buffer;
    context->release_sender_buffer = release_sender_buffer;
    context->acquire_receiver_buffer = acquire_receiver_buffer;
    context->release_receiver_buffer = release_receiver_buffer;

    /* Sender side: what remains once the transport header and tail are reserved. */
    LIBSPDM_ASSERT (sender_buffer_size >=
                    context->local_context.capability.transport_header_size +
                    context->local_context.capability.transport_tail_size);
    sender_payload_size = sender_buffer_size -
                          (context->local_context.capability.transport_header_size +
                           context->local_context.capability.transport_tail_size);
    LIBSPDM_ASSERT (sender_payload_size >= SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12);
    context->local_context.capability.sender_data_transfer_size = sender_payload_size;

    /* Receiver side: same computation, stored as data_transfer_size. */
    LIBSPDM_ASSERT(receiver_buffer_size >=
                   context->local_context.capability.transport_header_size +
                   context->local_context.capability.transport_tail_size);
    receiver_payload_size = receiver_buffer_size -
                            (context->local_context.capability.transport_header_size +
                             context->local_context.capability.transport_tail_size);
    LIBSPDM_ASSERT (receiver_payload_size >= SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12);
    context->local_context.capability.data_transfer_size = receiver_payload_size;
}
2707 :
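/**
 * Register SPDM transport layer encode/decode functions for SPDM or APP messages.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * If the device buffers were registered first, the transfer sizes recorded at that point still
 * equal the raw buffer sizes. They are corrected here by subtracting the transport header and
 * tail sizes supplied to this call.
 *
 * @param  spdm_context              A pointer to the SPDM context.
 * @param  max_spdm_msg_size         Stored as the local max_spdm_msg_size capability.
 * @param  transport_header_size     Size in bytes reserved for the transport header.
 * @param  transport_tail_size       Size in bytes reserved for the transport tail.
 * @param  transport_encode_message  The function to encode an SPDM or APP message to a transport layer message.
 * @param  transport_decode_message  The function to decode an SPDM or APP message from a transport layer message.
 **/
void libspdm_register_transport_layer_func(
    void *spdm_context,
    uint32_t max_spdm_msg_size,
    uint32_t transport_header_size,
    uint32_t transport_tail_size,
    libspdm_transport_encode_message_func transport_encode_message,
    libspdm_transport_decode_message_func transport_decode_message)
{
    libspdm_context_t *context;

    context = spdm_context;

    /* fix the data_transfer_size if it is set before */
    if ((context->local_context.capability.data_transfer_size != 0) &&
        (context->local_context.capability.data_transfer_size ==
         context->receiver_buffer_size)) {
        /* Same guard libspdm_register_device_buffer_func applies before its subtraction:
         * without it an oversized header/tail makes the unsigned result wrap. */
        LIBSPDM_ASSERT (context->receiver_buffer_size >=
                        transport_header_size + transport_tail_size);
        context->local_context.capability.data_transfer_size =
            (uint32_t)(context->receiver_buffer_size -
                       (transport_header_size + transport_tail_size));
    }
    if ((context->local_context.capability.sender_data_transfer_size != 0) &&
        (context->local_context.capability.sender_data_transfer_size ==
         context->sender_buffer_size)) {
        LIBSPDM_ASSERT (context->sender_buffer_size >=
                        transport_header_size + transport_tail_size);
        context->local_context.capability.sender_data_transfer_size =
            (uint32_t)(context->sender_buffer_size -
                       (transport_header_size + transport_tail_size));
    }

    context->local_context.capability.max_spdm_msg_size = max_spdm_msg_size;
    context->local_context.capability.transport_header_size = transport_header_size;
    context->local_context.capability.transport_tail_size = transport_tail_size;
    context->transport_encode_message = transport_encode_message;
    context->transport_decode_message = transport_decode_message;
}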
2751 :
/**
 * Register SPDM certificate verification functions for SPDM GET_CERTIFICATE in requester or responder.
 * It is called after GET_CERTIFICATE gets a full certificate chain from peer.
 *
 * If it is NOT registered, the default verification in SPDM lib will be used. It verifies:
 * 1) The integrity of the certificate chain, (Root Cert Hash->Root Cert->Cert Chain), according to X.509.
 * 2) The trust anchor, according to LIBSPDM_DATA_PEER_PUBLIC_ROOT_CERT or LIBSPDM_DATA_PEER_PUBLIC_CERT_CHAIN.
 * If it is registered, SPDM lib will use this function to verify the certificate.
 *
 * Because a registered function is used in place of the default verification, it is then the
 * registered function that has to establish both chain integrity and the trust anchor.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * @param  spdm_context            A pointer to the SPDM context.
 * @param  verify_spdm_cert_chain  The function to verify an SPDM certificate after GET_CERTIFICATE.
 **/
void libspdm_register_verify_spdm_cert_chain_func(
    void *spdm_context,
    const libspdm_verify_spdm_cert_chain_func verify_spdm_cert_chain)
{
    libspdm_context_t *context = spdm_context;

    context->local_context.verify_peer_spdm_cert_chain = verify_spdm_cert_chain;
}
2775 :
/**
 * Get the size of required scratch buffer.
 *
 * The SPDM Integrator must call libspdm_get_sizeof_required_scratch_buffer to get the size,
 * then allocate enough scratch buffer and call libspdm_set_scratch_buffer().
 *
 * max_spdm_msg_size must already be non-zero in the local capabilities (asserted below).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 *
 * @return the size of required scratch buffer.
 **/
size_t libspdm_get_sizeof_required_scratch_buffer (void *spdm_context)
{
    libspdm_context_t *context = spdm_context;

    LIBSPDM_ASSERT (context->local_context.capability.max_spdm_msg_size != 0);

    return libspdm_get_scratch_buffer_capacity(context);
}
2797 :
/**
 * Set the scratch buffer.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * Besides recording the buffer, this derives last_spdm_request (and cache_spdm_request when
 * LIBSPDM_RESPOND_IF_READY_SUPPORT is enabled) as pointers into it.
 *
 * NOTE(review): the size requirement is enforced by LIBSPDM_ASSERT only and scratch_buffer is
 * not checked for NULL. If the assert is inactive in some builds (confirm), a buffer smaller
 * than libspdm_get_sizeof_required_scratch_buffer() leaves the derived pointers outside it.
 *
 * @param  spdm_context         A pointer to the SPDM context.
 * @param  scratch_buffer       Buffer address of the scratch buffer.
 * @param  scratch_buffer_size  Size of the scratch buffer.
 *
 **/
void libspdm_set_scratch_buffer (
    void *spdm_context,
    void *scratch_buffer,
    size_t scratch_buffer_size)
{
    libspdm_context_t *context = spdm_context;
    uint8_t *scratch_base = scratch_buffer;

    LIBSPDM_ASSERT (context->local_context.capability.max_spdm_msg_size != 0);
    LIBSPDM_ASSERT (scratch_buffer_size >= libspdm_get_scratch_buffer_capacity(spdm_context));

    context->scratch_buffer = scratch_buffer;
    context->scratch_buffer_size = scratch_buffer_size;

    /* Sections libspdm keeps for its own request tracking. */
    context->last_spdm_request =
        scratch_base + libspdm_get_scratch_buffer_last_spdm_request_offset(spdm_context);
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    context->cache_spdm_request =
        scratch_base + libspdm_get_scratch_buffer_cache_spdm_request_offset(spdm_context);
#endif
}
2827 :
/**
 * Get the scratch buffer.
 *
 * The reported size is smaller than the size given to libspdm_set_scratch_buffer: the
 * last_spdm_request section, and the cache_spdm_request section when
 * LIBSPDM_RESPOND_IF_READY_SUPPORT is enabled, are subtracted because they track libspdm
 * internal state.
 *
 * @param  spdm_context         A pointer to the SPDM context.
 * @param  scratch_buffer       Receives the buffer address of the scratch buffer.
 * @param  scratch_buffer_size  Receives the usable size of the scratch buffer.
 *
 **/
void libspdm_get_scratch_buffer (
    void *spdm_context,
    void **scratch_buffer,
    size_t *scratch_buffer_size)
{
    libspdm_context_t *context = spdm_context;
    size_t usable_size;

    LIBSPDM_ASSERT (context->scratch_buffer != NULL);
    LIBSPDM_ASSERT (context->scratch_buffer_size >=
                    libspdm_get_scratch_buffer_capacity(spdm_context));

    usable_size = context->scratch_buffer_size;
    /* Keep callers out of the sections reserved for libspdm internal state tracking. */
    usable_size -= libspdm_get_scratch_buffer_last_spdm_request_capacity(spdm_context);
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    usable_size -= libspdm_get_scratch_buffer_cache_spdm_request_capacity(spdm_context);
#endif

    *scratch_buffer = context->scratch_buffer;
    *scratch_buffer_size = usable_size;
}
2855 :
/**
 * Acquire the transport layer sender buffer through the registered callback.
 *
 * The buffer returned by the callback is remembered in spdm_context->sender_buffer. With
 * LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP the caller is handed a region of the scratch buffer
 * instead, with that region's capacity, so the message is built there.
 *
 * No sender buffer may be outstanding when this is called (asserted).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  max_msg_size  Receives the capacity of the buffer returned in msg_buf_ptr.
 * @param  msg_buf_ptr   Receives the address where the message is to be built.
 *
 * @return LIBSPDM_STATUS_SUCCESS, or the callback's status when it fails; on failure
 *         max_msg_size is not written and sender_buffer is left unchanged.
 **/
libspdm_return_t libspdm_acquire_sender_buffer (
    libspdm_context_t *spdm_context, size_t *max_msg_size, void **msg_buf_ptr)
{
    libspdm_return_t acquire_status;

    LIBSPDM_ASSERT (spdm_context->sender_buffer == NULL);
    LIBSPDM_ASSERT (spdm_context->sender_buffer_size != 0);

    acquire_status = spdm_context->acquire_sender_buffer (spdm_context, msg_buf_ptr);
    if (acquire_status == LIBSPDM_STATUS_SUCCESS) {
        /* Remember the device buffer before msg_buf_ptr is possibly redirected below. */
        spdm_context->sender_buffer = *msg_buf_ptr;
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
        /* Hand out the scratch buffer region, because the message is built there. */
        *msg_buf_ptr = (uint8_t *)spdm_context->scratch_buffer +
                       libspdm_get_scratch_buffer_large_sender_receiver_offset(spdm_context);
        *max_msg_size = libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#else
        *max_msg_size = spdm_context->sender_buffer_size;
#endif
    }

    return acquire_status;
}
2877 :
/**
 * Release the sender buffer obtained by libspdm_acquire_sender_buffer.
 *
 * The registered release callback receives the remembered buffer, after which the context's
 * sender_buffer is cleared so a later acquire passes its "none outstanding" assertion.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 **/
void libspdm_release_sender_buffer (libspdm_context_t *spdm_context)
{
    void *held_buffer;

    LIBSPDM_ASSERT(spdm_context->sender_buffer != NULL);
    LIBSPDM_ASSERT(spdm_context->sender_buffer_size != 0);

    held_buffer = spdm_context->sender_buffer;
    spdm_context->release_sender_buffer (spdm_context, held_buffer);
    spdm_context->sender_buffer = NULL;
}
2886 :
/**
 * Get the sender buffer.
 *
 * Reports the buffer currently remembered in the context; it is NULL when no sender buffer
 * is acquired, while the size is reported regardless.
 *
 * @param  spdm_context        A pointer to the SPDM context.
 * @param  sender_buffer       Receives the buffer address of the sender buffer.
 * @param  sender_buffer_size  Receives the size of the sender buffer.
 *
 **/
void libspdm_get_sender_buffer (
    libspdm_context_t *spdm_context,
    void **sender_buffer,
    size_t *sender_buffer_size)
{
    *sender_buffer_size = spdm_context->sender_buffer_size;
    *sender_buffer = spdm_context->sender_buffer;
}
2903 :
/**
 * Acquire the transport layer receiver buffer through the registered callback.
 *
 * The buffer returned by the callback is remembered in spdm_context->receiver_buffer. With
 * LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP the caller is handed a region of the scratch buffer
 * instead, with that region's capacity.
 *
 * No receiver buffer may be outstanding when this is called (asserted).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  max_msg_size  Receives the capacity of the buffer returned in msg_buf_ptr.
 * @param  msg_buf_ptr   Receives the address of the buffer to use.
 *
 * @return LIBSPDM_STATUS_SUCCESS, or the callback's status when it fails; on failure
 *         max_msg_size is not written and receiver_buffer is left unchanged.
 **/
libspdm_return_t libspdm_acquire_receiver_buffer (
    libspdm_context_t *spdm_context, size_t *max_msg_size, void **msg_buf_ptr)
{
    libspdm_return_t acquire_status;

    LIBSPDM_ASSERT (spdm_context->receiver_buffer == NULL);
    LIBSPDM_ASSERT (spdm_context->receiver_buffer_size != 0);

    acquire_status = spdm_context->acquire_receiver_buffer (spdm_context, msg_buf_ptr);
    if (acquire_status == LIBSPDM_STATUS_SUCCESS) {
        /* Remember the device buffer before msg_buf_ptr is possibly redirected below. */
        spdm_context->receiver_buffer = *msg_buf_ptr;
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
        /* Hand out the scratch buffer region shared with the sender path. */
        *msg_buf_ptr = (uint8_t *)spdm_context->scratch_buffer +
                       libspdm_get_scratch_buffer_large_sender_receiver_offset(spdm_context);
        *max_msg_size = libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#else
        *max_msg_size = spdm_context->receiver_buffer_size;
#endif
    }

    return acquire_status;
}
2925 :
/**
 * Release the receiver buffer obtained by libspdm_acquire_receiver_buffer.
 *
 * The registered release callback receives the remembered buffer, after which the context's
 * receiver_buffer is cleared so a later acquire passes its "none outstanding" assertion.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 **/
void libspdm_release_receiver_buffer (libspdm_context_t *spdm_context)
{
    void *held_buffer;

    LIBSPDM_ASSERT(spdm_context->receiver_buffer != NULL);
    LIBSPDM_ASSERT(spdm_context->receiver_buffer_size != 0);

    held_buffer = spdm_context->receiver_buffer;
    spdm_context->release_receiver_buffer (spdm_context, held_buffer);
    spdm_context->receiver_buffer = NULL;
}
2934 :
/**
 * Get the receiver buffer.
 *
 * Reports the buffer currently remembered in the context; it is NULL when no receiver buffer
 * is acquired, while the size is reported regardless.
 *
 * @param  spdm_context          A pointer to the SPDM context.
 * @param  receiver_buffer       Receives the buffer address of the receiver buffer.
 * @param  receiver_buffer_size  Receives the size of the receiver buffer.
 *
 **/
void libspdm_get_receiver_buffer (
    libspdm_context_t *spdm_context,
    void **receiver_buffer,
    size_t *receiver_buffer_size)
{
    *receiver_buffer_size = spdm_context->receiver_buffer_size;
    *receiver_buffer = spdm_context->receiver_buffer;
}
2951 :
/**
 * Get the last SPDM error struct of an SPDM context.
 *
 * The struct is copied out of the context with libspdm_copy_mem, with both the destination
 * and source sizes given as sizeof(libspdm_error_struct_t).
 *
 * @param  spdm_context     A pointer to the SPDM context.
 * @param  last_spdm_error  Receives a copy of the last SPDM error struct of the context.
 */
void libspdm_get_last_spdm_error_struct(void *spdm_context, libspdm_error_struct_t *last_spdm_error)
{
    libspdm_context_t *context = spdm_context;

    libspdm_copy_mem(last_spdm_error, sizeof(*last_spdm_error),
                     &context->last_spdm_error, sizeof(libspdm_error_struct_t));
}
2966 :
/**
 * Store a new last SPDM error struct in an SPDM context.
 *
 * @param spdm_context     A pointer to the SPDM context.
 * @param last_spdm_error  Error struct to copy into the context.
 *                         Neither pointer is checked for NULL here.
 */
void libspdm_set_last_spdm_error_struct(void *spdm_context, libspdm_error_struct_t *last_spdm_error)
{
    libspdm_context_t *context = spdm_context;

    /* The destination capacity is taken from the context field itself. */
    libspdm_copy_mem(&context->last_spdm_error, sizeof(context->last_spdm_error),
                     last_spdm_error, sizeof(*last_spdm_error));
}
2981 :
2982 : #if LIBSPDM_FIPS_MODE
/**
 * Initialize a FIPS self-test context and attach the integrator's work buffer.
 *
 * The tested-algorithm mask and the self-test result mask are cleared, and the
 * buffer pointer and size are recorded in the context. The buffer is not copied,
 * so it has to stay valid for as long as the context refers to it.
 *
 * NOTE(review): the size and NULL requirements are enforced by assertion only.
 * If LIBSPDM_ASSERT is compiled out in a given build, an undersized or NULL
 * buffer is recorded without complaint - confirm callers validate beforehand.
 *
 * @param fips_selftest_context  A pointer to the FIPS self-test context to initialize.
 * @param buffer_size            Size of buffer in bytes; expected to be at least
 *                               LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE.
 * @param buffer                 Buffer for large intermediate results; expected to be
 *                               non-NULL whenever buffer_size is non-zero.
 *
 * @retval LIBSPDM_STATUS_SUCCESS  Always returned.
 **/
libspdm_return_t libspdm_init_fips_selftest_context(void *fips_selftest_context,
                                                    size_t buffer_size,
                                                    void *buffer)
{
    libspdm_fips_selftest_context_t *selftest;

    LIBSPDM_ASSERT(fips_selftest_context != NULL);
    LIBSPDM_ASSERT(buffer_size >= LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE);
    /* A NULL buffer is acceptable only together with a zero size. */
    LIBSPDM_ASSERT((buffer_size == 0) || (buffer != NULL));

    selftest = fips_selftest_context;

    /* No algorithm has been tested yet. */
    selftest->tested_algo = 0;
    /* Every self-test result starts out as "not passed". */
    selftest->self_test_result = 0;
    /* Buffer supplied by the integrator to hold large intermediate results. */
    selftest->selftest_buffer_size = buffer_size;
    selftest->selftest_buffer = buffer;

    return LIBSPDM_STATUS_SUCCESS;
}
3006 :
/**
 * Return the size in bytes of the fips_selftest_context.
 *
 * This is the exact size that the import and export functions for the
 * fips_selftest_context require in their size argument.
 *
 * @return the size in bytes of the fips_selftest_context.
 **/
size_t libspdm_get_fips_selftest_context_size(void)
{
    return sizeof(libspdm_fips_selftest_context_t);
}
3019 :
/**
 * Return the buffer size required for FIPS self-tests.
 *
 * This is the minimum that libspdm_init_fips_selftest_context asserts on.
 *
 * @return The required buffer size in bytes.
 */
size_t libspdm_get_fips_selftest_buffer_size(void)
{
    size_t required_size;

    required_size = LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE;
    return required_size;
}
3029 :
/**
 * Import a fips_selftest_context into the spdm_context.
 *
 * The whole structure is copied by value, including the self-test buffer
 * pointer and size it carries; the buffer itself is not duplicated.
 *
 * @param[in,out]  spdm_context                A pointer to the spdm_context.
 * @param[in]      fips_selftest_context       A pointer to the fips_selftest_context.
 * @param[in]      fips_selftest_context_size  The size of fips_selftest_context; must be
 *                                             exactly sizeof(libspdm_fips_selftest_context_t).
 *
 * @retval true   import fips_selftest_context successful.
 * @retval false  spdm_context or fips_selftest_context is null, or
 *                fips_selftest_context_size does not match the structure size.
 */
bool libspdm_import_fips_selftest_context_to_spdm_context(void *spdm_context,
                                                          void *fips_selftest_context,
                                                          size_t fips_selftest_context_size)
{
    libspdm_context_t *target_context = spdm_context;
    libspdm_fips_selftest_context_t *source_selftest = fips_selftest_context;

    /* Reject missing pointers and any size that is not an exact match, so a
     * caller-side structure of a different layout is never copied in. */
    if ((target_context == NULL) || (source_selftest == NULL) ||
        (fips_selftest_context_size != sizeof(libspdm_fips_selftest_context_t))) {
        return false;
    }

    libspdm_copy_mem(&(target_context->fips_selftest_context),
                     sizeof(libspdm_fips_selftest_context_t),
                     source_selftest, sizeof(libspdm_fips_selftest_context_t));
    return true;
}
3062 :
/**
 * Export the fips_selftest_context held in the spdm_context.
 *
 * The whole structure is copied by value into the caller's storage, including
 * the self-test buffer pointer and size it carries.
 *
 * @param[in]      spdm_context                A pointer to the spdm_context.
 * @param[in,out]  fips_selftest_context       A pointer to the fips_selftest_context.
 * @param[in]      fips_selftest_context_size  The size of fips_selftest_context; must be
 *                                             exactly sizeof(libspdm_fips_selftest_context_t).
 *
 * @retval true   export fips_selftest_context successful.
 * @retval false  spdm_context or fips_selftest_context is null, or
 *                fips_selftest_context_size does not match the structure size.
 */
bool libspdm_export_fips_selftest_context_from_spdm_context(void *spdm_context,
                                                            void *fips_selftest_context,
                                                            size_t fips_selftest_context_size)
{
    libspdm_context_t *source_context = spdm_context;
    libspdm_fips_selftest_context_t *target_selftest = fips_selftest_context;

    /* The exact-size requirement keeps the copy from overrunning a smaller
     * caller-provided structure. */
    if ((source_context == NULL) || (target_selftest == NULL) ||
        (fips_selftest_context_size != sizeof(libspdm_fips_selftest_context_t))) {
        return false;
    }

    libspdm_copy_mem(target_selftest,
                     sizeof(libspdm_fips_selftest_context_t),
                     &(source_context->fips_selftest_context),
                     sizeof(libspdm_fips_selftest_context_t));
    return true;
}
3096 :
3097 : #endif /* LIBSPDM_FIPS_MODE */
3098 :
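/**
 * Initialize an SPDM context using caller-provided secured message contexts.
 *
 * The SPDM context is zeroed, its transcript buffer capacities and default local
 * version lists are filled in, and each session slot is bound to one of the
 * supplied secured message contexts, which is then initialized.
 *
 * @param spdm_context          A pointer to the SPDM context to initialize.
 * @param secured_contexts      Array of pointers to secured message contexts,
 *                              one per session slot.
 * @param num_secured_contexts  Number of entries in secured_contexts; must equal
 *                              LIBSPDM_MAX_SESSION_COUNT.
 *
 * @retval LIBSPDM_STATUS_SUCCESS            The context was initialized.
 * @retval LIBSPDM_STATUS_INVALID_PARAMETER  A pointer argument is NULL, the count is
 *                                           not LIBSPDM_MAX_SESSION_COUNT, or an entry
 *                                           of secured_contexts is NULL. In the last
 *                                           case the context has already been zeroed
 *                                           and partly initialized.
 **/
libspdm_return_t libspdm_init_context_with_secured_context(void *spdm_context,
                                                           void **secured_contexts,
                                                           size_t num_secured_contexts)
{
    libspdm_context_t *context;
    size_t index;

    LIBSPDM_ASSERT(spdm_context != NULL);
    LIBSPDM_ASSERT(secured_contexts != NULL);
    LIBSPDM_ASSERT(num_secured_contexts == LIBSPDM_MAX_SESSION_COUNT);

    /* The loop at the end indexes context->session_info[] with a bound taken from
     * num_secured_contexts. An assertion alone does not bound that index in a
     * build where assertions are disabled, so the arguments are also rejected at
     * run time before anything is written. */
    if ((spdm_context == NULL) || (secured_contexts == NULL)) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }
    if (num_secured_contexts != LIBSPDM_MAX_SESSION_COUNT) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }

    context = spdm_context;
    libspdm_zero_mem(context, sizeof(libspdm_context_t));
    context->version = LIBSPDM_CONTEXT_STRUCT_VERSION;

    /* Record the capacity of each transcript buffer next to the buffer itself. */
    context->transcript.message_a.max_buffer_size =
        sizeof(context->transcript.message_a.buffer);
    context->transcript.message_d.max_buffer_size =
        sizeof(context->transcript.message_d.buffer);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->transcript.message_b.max_buffer_size =
        sizeof(context->transcript.message_b.buffer);
    context->transcript.message_c.max_buffer_size =
        sizeof(context->transcript.message_c.buffer);
    context->transcript.message_mut_b.max_buffer_size =
        sizeof(context->transcript.message_mut_b.buffer);
    context->transcript.message_mut_c.max_buffer_size =
        sizeof(context->transcript.message_mut_c.buffer);
    context->transcript.message_m.max_buffer_size =
        sizeof(context->transcript.message_m.buffer);
    context->transcript.message_e.max_buffer_size =
        sizeof(context->transcript.message_e.buffer);
    context->transcript.message_encap_e.max_buffer_size =
        sizeof(context->transcript.message_encap_e.buffer);
#endif
    context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;

    /* Default local SPDM version list. */
    context->local_context.version.spdm_version_count = SPDM_MAX_VERSION_COUNT;
    context->local_context.version.spdm_version[0] = SPDM_MESSAGE_VERSION_10 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[1] = SPDM_MESSAGE_VERSION_11 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[2] = SPDM_MESSAGE_VERSION_12 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[3] = SPDM_MESSAGE_VERSION_13 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[4] = SPDM_MESSAGE_VERSION_14 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Default local secured message version list. */
    context->local_context.secured_message_version.secured_message_version_count =
        SECURED_SPDM_MAX_VERSION_COUNT;
    context->local_context.secured_message_version.secured_message_version[0] =
        SECURED_SPDM_VERSION_10 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.secured_message_version.secured_message_version[1] =
        SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.secured_message_version.secured_message_version[2] =
        SECURED_SPDM_VERSION_12 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.capability.st1 = SPDM_ST1_VALUE_US;

    context->mut_auth_cert_chain_buffer_size = 0;

    context->max_spdm_session_sequence_number = LIBSPDM_MAX_SPDM_SESSION_SEQUENCE_NUMBER;

    context->latest_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id_valid = false;
    context->last_spdm_request_size = 0;

    /* To be updated in libspdm_register_device_buffer_func */
    context->local_context.capability.data_transfer_size = 0;
    context->local_context.capability.sender_data_transfer_size = 0;
    context->local_context.capability.max_spdm_msg_size = 0;

    /* Bind one secured message context to each session slot and initialize it. */
    for (index = 0; index < num_secured_contexts; index++) {
        if (secured_contexts[index] == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }

        context->session_info[index].secured_message_context = secured_contexts[index];
        libspdm_secured_message_init_context(
            context->session_info[index].secured_message_context);
    }

    return LIBSPDM_STATUS_SUCCESS;
}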
3181 :
/**
 * Initialize an SPDM context whose secured message contexts are stored in the
 * same allocation, directly behind the libspdm_context_t structure.
 *
 * The caller must provide at least libspdm_get_context_size() bytes. This
 * function is not given the length of the buffer and cannot verify it; with a
 * smaller buffer the secured message contexts would lie outside the allocation.
 *
 * @param spdm_context  A pointer to the SPDM context buffer.
 *
 * @return the status returned by libspdm_init_context_with_secured_context.
 **/
libspdm_return_t libspdm_init_context(void *spdm_context)
{
    void *slot_table[LIBSPDM_MAX_SESSION_COUNT];
    uint8_t *trailing_area;
    size_t slot_size;
    size_t slot;

    LIBSPDM_ASSERT(spdm_context != NULL);

    /* libspdm_get_context_size() accounts for all secured message contexts.
     * They start at the first byte after the general SPDM context. */
    trailing_area = (uint8_t *)((libspdm_context_t *)spdm_context + 1);
    slot_size = libspdm_secured_message_get_context_size();

    slot = 0;
    while (slot < LIBSPDM_MAX_SESSION_COUNT) {
        slot_table[slot] = trailing_area + slot_size * slot;
        slot++;
    }

    return libspdm_init_context_with_secured_context(spdm_context,
                                                     slot_table,
                                                     LIBSPDM_MAX_SESSION_COUNT);
}
3207 :
/**
 * Reset the connection-related state of an SPDM context.
 *
 * Every session slot is re-initialized with INVALID_SESSION_ID, the message
 * transcripts are reset, and the negotiated connection information (version,
 * capability, algorithm), the last error and the encapsulated-request context
 * are zeroed. Fields under local_context are not written by this function.
 *
 * The order of the steps matters: sessions and transcripts are cleared before
 * the negotiated algorithm information.
 *
 * @param spdm_context  A pointer to the SPDM context. It is dereferenced
 *                      without a NULL check.
 **/
void libspdm_reset_context(void *spdm_context)
{
    libspdm_context_t *context;
    size_t index;

    context = spdm_context;

    /* Clear all information about previous connection. Local context information is preserved. */

    /* Need to clear session information and message transcripts before negotiated algorithm
     * information is cleared. */
    for (index = 0; index < LIBSPDM_MAX_SESSION_COUNT; index++)
    {
        /* NOTE(review): presumably this also discards per-session secrets held
         * in the slot - confirm in libspdm_session_info_init. */
        libspdm_session_info_init(context,
                                  &context->session_info[index],
                                  INVALID_SESSION_ID,
                                  0,
                                  false);
    }

    /* Transcripts; m, e and encap_e are reset here with a NULL session_info. */
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_d(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    libspdm_reset_message_mut_b(spdm_context);
    libspdm_reset_message_mut_c(spdm_context);
    libspdm_reset_message_m(spdm_context, NULL);
    libspdm_reset_message_e(spdm_context, NULL);
    libspdm_reset_message_encap_e(spdm_context, NULL);

    /* Negotiated connection state goes back to "nothing negotiated". */
    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
    libspdm_zero_mem(&context->connection_info.version, sizeof(spdm_version_number_t));
    libspdm_zero_mem(&context->connection_info.capability,
                     sizeof(libspdm_device_capability_t));
    libspdm_zero_mem(&context->connection_info.algorithm, sizeof(libspdm_device_algorithm_t));
    libspdm_zero_mem(&context->last_spdm_error, sizeof(libspdm_error_struct_t));
    libspdm_zero_mem(&context->encap_context, sizeof(libspdm_encap_context_t));
    context->connection_info.multi_key_conn_req = false;
    context->connection_info.multi_key_conn_rsp = false;
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    context->cache_spdm_request_size = 0;
#endif
    /* Remaining bookkeeping is restored to the same values set at initialization. */
    context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
    context->current_token = 0;
    context->latest_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id_valid = false;
    context->last_spdm_request_size = 0;
    context->mut_auth_cert_chain_buffer_size = 0;
    context->current_dhe_session_count = 0;
    context->current_psk_session_count = 0;
}
3260 :
/**
 * Free the memory of contexts within the SPDM context.
 * These are typically contexts whose memory has been allocated by the cryptography library.
 * This function does not free the SPDM context itself.
 *
 * When transcript data is not recorded, the cached leaf-certificate public key
 * of every peer certificate slot is freed and its pointer cleared. After that
 * the connection-level and per-session message transcripts are reset.
 *
 * @param[in]  spdm_context  A pointer to the SPDM context. It is dereferenced
 *                           without a NULL check.
 *
 */
void libspdm_deinit_context(void *spdm_context)
{
    uint32_t session_id;
    libspdm_context_t *context;
    libspdm_session_info_t *session_info;
#if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT)
    void *pubkey_context;
    bool is_requester;
    uint8_t slot_index;
#endif

    context = spdm_context;

#if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT)
    is_requester = context->local_context.is_requester;

    for (slot_index = 0; slot_index < SPDM_MAX_SLOT_COUNT; slot_index++) {
        pubkey_context = context->connection_info.peer_used_cert_chain[slot_index].
                         leaf_cert_public_key;

        if (pubkey_context != NULL) {
            /* The free routine is picked from the local role and from whether a
             * PQC algorithm is set (non-zero) in the negotiated algorithms.
             * NOTE(review): this reads connection_info.algorithm, so it
             * presumably has to run before those fields are cleared - confirm
             * against libspdm_reset_context. */
            if (is_requester) {
                if (context->connection_info.algorithm.pqc_asym_algo != 0) {
                    libspdm_pqc_asym_free(
                        context->connection_info.algorithm.pqc_asym_algo, pubkey_context);
                } else {
                    libspdm_asym_free(
                        context->connection_info.algorithm.base_asym_algo, pubkey_context);
                }
            } else {
                if (context->connection_info.algorithm.req_pqc_asym_alg != 0) {
                    libspdm_req_pqc_asym_free(
                        context->connection_info.algorithm.req_pqc_asym_alg, pubkey_context);
                } else {
                    libspdm_req_asym_free(
                        context->connection_info.algorithm.req_base_asym_alg, pubkey_context);
                }
            }

            /* Clear the pointer so the freed key context cannot be reused or
             * freed a second time by a later call. */
            context->connection_info.peer_used_cert_chain[slot_index].leaf_cert_public_key = NULL;
        }
    }
#endif

    /* Connection-level transcripts; m, e and encap_e take a NULL session_info here. */
    libspdm_reset_message_a(context);
    libspdm_reset_message_d(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    libspdm_reset_message_mut_b(context);
    libspdm_reset_message_mut_c(context);
    libspdm_reset_message_m(spdm_context, NULL);
    libspdm_reset_message_e(spdm_context, NULL);
    libspdm_reset_message_encap_e(spdm_context, NULL);
    /* Per-session transcripts. session_id is used as the index of the session
     * slot, not as a negotiated session identifier. */
    for (session_id = 0; session_id < LIBSPDM_MAX_SESSION_COUNT; session_id++) {
        session_info = &context->session_info[session_id];
        libspdm_reset_message_m(context, session_info);
        libspdm_reset_message_e(context, session_info);
        libspdm_reset_message_encap_e(context, session_info);
        libspdm_reset_message_encap_d(context, session_info);
        libspdm_reset_message_k(context, session_info);
        libspdm_reset_message_f(context, session_info);
    }
}
3332 :
/**
 * Return the size in bytes of the SPDM context, including the secured message
 * context of every session slot.
 *
 * This is the amount of memory that libspdm_init_context expects behind the
 * pointer it is given. For just the SPDM context size, use
 * libspdm_get_context_size_without_secured_context.
 *
 * @return the size in bytes of the SPDM context and secured message contexts.
 **/
size_t libspdm_get_context_size(void)
{
    const size_t total_size =
        sizeof(libspdm_context_t) +
        libspdm_secured_message_get_context_size() * LIBSPDM_MAX_SESSION_COUNT;

    /* The published constant has to agree with the computed size. */
    LIBSPDM_ASSERT (total_size == LIBSPDM_CONTEXT_SIZE_ALL);
    return total_size;
}
3350 :
/**
 * Return the size in bytes of the SPDM context alone, without any secured
 * message context.
 *
 * For the complete context size, use libspdm_get_context_size.
 *
 * @return the size in bytes of the SPDM context.
 **/
size_t libspdm_get_context_size_without_secured_context(void)
{
    const size_t bare_size = sizeof(libspdm_context_t);

    /* The published constant has to agree with the structure size. */
    LIBSPDM_ASSERT (bare_size == LIBSPDM_CONTEXT_SIZE_WITHOUT_SECURED_CONTEXT);
    return bare_size;
}
3366 :
/**
 * Return the SPDMVersion field of the version number struct.
 *
 * The field is obtained by shifting the value right by
 * SPDM_VERSION_NUMBER_SHIFT_BIT and keeping the low eight bits; the bits below
 * the shift position are discarded.
 *
 * @param ver  SPDM version number struct.
 *
 * @return the SPDMVersion of the version number struct.
 **/
uint8_t libspdm_get_version_from_version_number(const spdm_version_number_t ver)
{
    const spdm_version_number_t upper_bits = ver >> SPDM_VERSION_NUMBER_SHIFT_BIT;

    return (uint8_t)upper_bits;
}
3378 :
/**
 * Sort a set of SPDM version numbers in place, in descending order.
 *
 * The whole version number value is compared, not only its SPDMVersion field.
 *
 * @param ver_set  A pointer to the version set; must hold at least ver_num entries.
 * @param ver_num  Number of entries in ver_set.
 */
void libspdm_version_number_sort(spdm_version_number_t *ver_set, size_t ver_num)
{
    size_t slot;
    size_t probe;
    size_t largest;
    spdm_version_number_t held;

    /* Zero or one entry is already sorted. */
    if (ver_num <= 1) {
        return;
    }

    /* Selection sort: put the largest remaining entry into each slot in turn. */
    for (slot = 0; slot < ver_num; slot++) {
        largest = slot;
        for (probe = slot + 1; probe < ver_num; probe++) {
            if (ver_set[largest] < ver_set[probe]) {
                largest = probe;
            }
        }

        /* Swap ver_set[slot] with the largest entry found. */
        held = ver_set[slot];
        ver_set[slot] = ver_set[largest];
        ver_set[largest] = held;
    }
}
3410 :
/**
 * Negotiate the SPDM version for a connection.
 *
 * Both sets are copied into local arrays and sorted in descending order, so the
 * caller's arrays are left unmodified. The result is the highest version whose
 * SPDMVersion field appears in both sets; the value stored is the requester's
 * entry for that version.
 *
 * @param common_version  A pointer to store the common version. It is written
 *                        only on success and is not checked for NULL.
 * @param req_ver_set     A pointer to the requester version set.
 * @param req_ver_num     Number of entries in the requester version set.
 * @param res_ver_set     A pointer to the responder version set.
 * @param res_ver_num     Number of entries in the responder version set.
 *
 * @retval true   Negotiation succeeded; the version is saved to common_version.
 * @retval false  Negotiation failed: a set is NULL or empty, a count exceeds
 *                LIBSPDM_MAX_VERSION_COUNT, or the sets share no version.
 */
bool libspdm_negotiate_connection_version(spdm_version_number_t *common_version,
                                          spdm_version_number_t *req_ver_set,
                                          size_t req_ver_num,
                                          const spdm_version_number_t *res_ver_set,
                                          size_t res_ver_num)
{
    spdm_version_number_t sorted_req[LIBSPDM_MAX_VERSION_COUNT];
    spdm_version_number_t sorted_res[LIBSPDM_MAX_VERSION_COUNT];
    size_t req_pos;
    size_t res_pos;
    uint8_t res_version;

    /* The counts are bounded first: they size the copies into the fixed-length
     * local arrays below. */
    if ((req_ver_num > LIBSPDM_MAX_VERSION_COUNT) ||
        (res_ver_num > LIBSPDM_MAX_VERSION_COUNT) ||
        (req_ver_set == NULL) || (req_ver_num == 0) ||
        (res_ver_set == NULL) || (res_ver_num == 0)) {
        return false;
    }

    libspdm_zero_mem(sorted_req, sizeof(sorted_req));
    libspdm_zero_mem(sorted_res, sizeof(sorted_res));

    libspdm_copy_mem(sorted_req, sizeof(sorted_req),
                     req_ver_set, sizeof(spdm_version_number_t) * req_ver_num);
    libspdm_copy_mem(sorted_res, sizeof(sorted_res),
                     res_ver_set, sizeof(spdm_version_number_t) * res_ver_num);

    /* Sort both copies in descending order. */
    libspdm_version_number_sort(sorted_req, req_ver_num);
    libspdm_version_number_sort(sorted_res, res_ver_num);

    /* Walk the responder versions from highest to lowest and stop at the first
     * one the requester also lists. */
    for (res_pos = 0; res_pos < res_ver_num; res_pos++) {
        res_version = libspdm_get_version_from_version_number(sorted_res[res_pos]);
        for (req_pos = 0; req_pos < req_ver_num; req_pos++) {
            if (libspdm_get_version_from_version_number(sorted_req[req_pos]) != res_version) {
                continue;
            }
            *common_version = sorted_req[req_pos];
            return true;
        }
    }

    return false;
}
3470 :
3471 : #if LIBSPDM_EVENT_RECIPIENT_SUPPORT
/**
 * Register the function that is invoked to process events.
 *
 * The pointer is stored in the context as-is; neither argument is checked for NULL.
 *
 * @param context             A pointer to the SPDM context.
 * @param process_event_func  The event-processing callback to store.
 **/
void libspdm_register_event_callback(void *context,
                                     libspdm_process_event_func process_event_func)
{
    ((libspdm_context_t *)context)->process_event = process_event_func;
}
3480 : #endif /* LIBSPDM_EVENT_RECIPIENT_SUPPORT */