1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_common_lib.h"
8 : #include "internal/libspdm_secured_message_lib.h"
9 : #include "internal/libspdm_fips_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
12 : /* first section */
/**
 * Offset of the secured-message section, the first section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context (not read by this function).
 *
 * @return Always 0, since no section is laid out before this one.
 **/
uint32_t libspdm_get_scratch_buffer_secure_message_offset(libspdm_context_t *spdm_context)
{
    /* First section of the layout: nothing precedes it. */
    const uint32_t section_start = 0;

    return section_start;
}
16 :
/**
 * Size of the secured-message section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context; only the local capability is read.
 *
 * @return Local max_spdm_msg_size plus the transport header and tail sizes.
 **/
uint32_t libspdm_get_scratch_buffer_secure_message_capacity(libspdm_context_t *spdm_context)
{
    const uint32_t message_size = spdm_context->local_context.capability.max_spdm_msg_size;
    const uint32_t header_size = spdm_context->local_context.capability.transport_header_size;
    const uint32_t tail_size = spdm_context->local_context.capability.transport_tail_size;

    /* NOTE(review): the sum is returned as uint32_t with no overflow check, so a
     * value near UINT32_MAX in max_spdm_msg_size would wrap to a small capacity.
     * Presumably the value is bounded where it is configured - confirm. */
    return message_size + header_size + tail_size;
}
22 :
23 : /* second section */
/**
 * Offset of the large-message section, the second section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return The capacity of the secured-message section, which is the only
 *         section placed before this one.
 **/
uint32_t libspdm_get_scratch_buffer_large_message_offset(libspdm_context_t *spdm_context)
{
    const uint32_t preceding_size =
        libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);

    return preceding_size;
}
27 :
/**
 * Size of the large-message section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context; only the local capability is read.
 *
 * @return Local max_spdm_msg_size, with no transport header or tail added.
 **/
uint32_t libspdm_get_scratch_buffer_large_message_capacity(libspdm_context_t *spdm_context)
{
    const uint32_t message_size = spdm_context->local_context.capability.max_spdm_msg_size;

    return message_size;
}
31 : #endif
32 :
33 : /* third section */
/**
 * Offset of the sender/receiver section, the third section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return 0 when chunk support is compiled out; otherwise the combined capacity
 *         of the secured-message and large-message sections.
 **/
uint32_t libspdm_get_scratch_buffer_sender_receiver_offset(libspdm_context_t *spdm_context)
{
    uint32_t offset = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    /* The two chunk-only sections sit in front of this one. */
    offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif

    return offset;
}
42 :
/**
 * Size of the sender/receiver section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context; only the local capability is read.
 *
 * @return Local max_spdm_msg_size plus the transport header and tail sizes.
 **/
uint32_t libspdm_get_scratch_buffer_sender_receiver_capacity(libspdm_context_t *spdm_context)
{
    const uint32_t message_size = spdm_context->local_context.capability.max_spdm_msg_size;
    const uint32_t header_size = spdm_context->local_context.capability.transport_header_size;
    const uint32_t tail_size = spdm_context->local_context.capability.transport_tail_size;

    /* NOTE(review): uint32_t sum with no overflow check; a wrapped result would
     * understate the room available for a transport-framed message. Presumably
     * max_spdm_msg_size is bounded where it is configured - confirm. */
    return message_size + header_size + tail_size;
}
48 :
49 : #if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
50 : /* fourth section */
/**
 * Offset of the large sender/receiver section, the fourth section of the
 * scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return The combined capacity of the secured-message, large-message and
 *         sender/receiver sections.
 **/
uint32_t libspdm_get_scratch_buffer_large_sender_receiver_offset(libspdm_context_t *spdm_context)
{
    uint32_t offset;

    /* Add up every section laid out before this one, in layout order. */
    offset = libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);

    return offset;
}
56 :
/**
 * Size of the large sender/receiver section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context; only the local capability is read.
 *
 * @return Local max_spdm_msg_size plus the transport header and tail sizes.
 **/
uint32_t libspdm_get_scratch_buffer_large_sender_receiver_capacity(libspdm_context_t *spdm_context)
{
    const uint32_t message_size = spdm_context->local_context.capability.max_spdm_msg_size;
    const uint32_t header_size = spdm_context->local_context.capability.transport_header_size;
    const uint32_t tail_size = spdm_context->local_context.capability.transport_tail_size;

    /* NOTE(review): uint32_t sum with no overflow check; presumably
     * max_spdm_msg_size is bounded where it is configured - confirm. */
    return message_size + header_size + tail_size;
}
63 : #endif
64 :
65 : /* fifth section */
/**
 * Offset of the last-SPDM-request section, the fifth section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return The combined capacity of every section laid out before this one:
 *         the sender/receiver section, plus the three chunk-only sections
 *         when chunk support is compiled in.
 **/
uint32_t libspdm_get_scratch_buffer_last_spdm_request_offset(libspdm_context_t *spdm_context)
{
    uint32_t offset = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif
    offset += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    offset += libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#endif

    return offset;
}
78 :
/**
 * Size of the last-SPDM-request section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context; only the local capability is read.
 *
 * @return Local max_spdm_msg_size, with no transport header or tail added.
 **/
uint32_t libspdm_get_scratch_buffer_last_spdm_request_capacity(libspdm_context_t *spdm_context)
{
    const uint32_t message_size = spdm_context->local_context.capability.max_spdm_msg_size;

    return message_size;
}
82 :
83 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
84 : /* sixth section */
/**
 * Offset of the cached-SPDM-request section, the sixth section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return The combined capacity of every section laid out before this one:
 *         the sender/receiver and last-SPDM-request sections, plus the three
 *         chunk-only sections when chunk support is compiled in.
 **/
uint32_t libspdm_get_scratch_buffer_cache_spdm_request_offset(libspdm_context_t *spdm_context)
{
    uint32_t offset = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif
    offset += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    offset += libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#endif
    offset += libspdm_get_scratch_buffer_last_spdm_request_capacity(spdm_context);

    return offset;
}
98 :
/**
 * Size of the cached-SPDM-request section of the scratch buffer.
 *
 * @param spdm_context  A pointer to the SPDM context; only the local capability is read.
 *
 * @return Local max_spdm_msg_size, with no transport header or tail added.
 **/
uint32_t libspdm_get_scratch_buffer_cache_spdm_request_capacity(libspdm_context_t *spdm_context)
{
    const uint32_t message_size = spdm_context->local_context.capability.max_spdm_msg_size;

    return message_size;
}
102 : #endif
103 :
104 : /* combination */
/**
 * Total size of the scratch buffer: the sum of the capacities of all sections
 * enabled by the build configuration.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Sum of the sender/receiver and last-SPDM-request capacities, plus the
 *         chunk-only sections when LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP is set and
 *         the cached-request section when LIBSPDM_RESPOND_IF_READY_SUPPORT is set.
 **/
uint32_t libspdm_get_scratch_buffer_capacity(libspdm_context_t *spdm_context)
{
    uint32_t total = 0;

    /* NOTE(review): every term is a uint32_t and the total is accumulated with
     * no overflow check. A buffer sized from a wrapped total would be smaller
     * than the section offsets assume. Presumably max_spdm_msg_size is bounded
     * where it is configured - confirm. */
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    total += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    total += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif
    total += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    total += libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#endif
    total += libspdm_get_scratch_buffer_last_spdm_request_capacity(spdm_context);
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    total += libspdm_get_scratch_buffer_cache_spdm_request_capacity(spdm_context);
#endif

    return total;
}
121 :
/**
 * Tells whether an SPDM data_type can only be accessed with session info.
 *
 * Only the LIBSPDM_DATA_SESSION_* types listed below are treated as
 * session-scoped; every other value is reported as not needing session info.
 *
 * @param  data_type  SPDM data type.
 *
 * @retval true   session info is required.
 * @retval false  session info is not required.
 **/
static bool need_session_info_for_data(libspdm_data_type_t data_type)
{
    return (data_type == LIBSPDM_DATA_SESSION_SECURED_MESSAGE_VERSION) ||
           (data_type == LIBSPDM_DATA_SESSION_USE_PSK) ||
           (data_type == LIBSPDM_DATA_SESSION_MUT_AUTH_REQUESTED) ||
           (data_type == LIBSPDM_DATA_SESSION_END_SESSION_ATTRIBUTES) ||
           (data_type == LIBSPDM_DATA_SESSION_POLICY) ||
           (data_type == LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_RSP_DIR) ||
           (data_type == LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_REQ_DIR) ||
           (data_type == LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_ENDIAN);
}
146 :
147 19 : libspdm_return_t libspdm_set_data(void *spdm_context, libspdm_data_type_t data_type,
148 : const libspdm_data_parameter_t *parameter, const void *data,
149 : size_t data_size)
150 : {
151 : libspdm_context_t *context;
152 : uint32_t session_id;
153 : uint32_t data32;
154 : libspdm_session_info_t *session_info;
155 : uint8_t slot_id;
156 : uint8_t mut_auth_requested;
157 : uint8_t root_cert_index;
158 : uint16_t data16;
159 : #if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT) && LIBSPDM_CERT_PARSE_SUPPORT
160 : bool status;
161 : const uint8_t *cert_buffer;
162 : size_t cert_buffer_size;
163 : #endif
164 :
165 19 : if (spdm_context == NULL || data == NULL || data_type >= LIBSPDM_DATA_MAX) {
166 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
167 : }
168 :
169 19 : context = spdm_context;
170 :
171 19 : if (need_session_info_for_data(data_type)) {
172 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_SESSION) {
173 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
174 : }
175 0 : session_id = libspdm_read_uint32(parameter->additional_data);
176 0 : session_info = libspdm_get_session_info_via_session_id(context, session_id);
177 0 : if (session_info == NULL) {
178 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
179 : }
180 : } else {
181 19 : session_info = NULL;
182 : }
183 :
184 19 : switch (data_type) {
185 0 : case LIBSPDM_DATA_SPDM_VERSION:
186 0 : LIBSPDM_ASSERT (data_size <= sizeof(spdm_version_number_t) * SPDM_MAX_VERSION_COUNT);
187 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
188 : /* Only have one connected version */
189 0 : LIBSPDM_ASSERT (data_size == sizeof(spdm_version_number_t));
190 0 : libspdm_copy_mem(&(context->connection_info.version),
191 : sizeof(context->connection_info.version),
192 : data,
193 : sizeof(spdm_version_number_t));
194 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
195 0 : context->local_context.version.spdm_version_count =
196 0 : (uint8_t)(data_size / sizeof(spdm_version_number_t));
197 0 : libspdm_copy_mem(context->local_context.version.spdm_version,
198 : sizeof(context->local_context.version.spdm_version),
199 : data,
200 0 : context->local_context.version.spdm_version_count *
201 : sizeof(spdm_version_number_t));
202 : } else {
203 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
204 : }
205 0 : break;
206 0 : case LIBSPDM_DATA_SECURED_MESSAGE_VERSION:
207 0 : LIBSPDM_ASSERT (data_size <=
208 : sizeof(spdm_version_number_t) * SECURED_SPDM_MAX_VERSION_COUNT);
209 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
210 0 : context->local_context.secured_message_version.spdm_version_count =
211 0 : (uint8_t)(data_size / sizeof(spdm_version_number_t));
212 0 : libspdm_copy_mem(context->local_context.secured_message_version.spdm_version,
213 : sizeof(context->local_context.secured_message_version.spdm_version),
214 : data,
215 0 : context->local_context.secured_message_version.spdm_version_count *
216 : sizeof(spdm_version_number_t));
217 : } else {
218 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
219 : }
220 0 : break;
221 0 : case LIBSPDM_DATA_CAPABILITY_FLAGS:
222 0 : if (data_size != sizeof(uint32_t)) {
223 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
224 : }
225 :
226 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
227 :
228 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
229 : #if !(LIBSPDM_ENABLE_CAPABILITY_CERT_CAP)
230 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP) == 0);
231 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_CERT_CAP */
232 :
233 : #if !(LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP)
234 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP) == 0);
235 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP */
236 :
237 : #if !(LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP)
238 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP) == 0);
239 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
240 :
241 : #if !(LIBSPDM_ENABLE_CAPABILITY_MEL_CAP)
242 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEL_CAP) == 0);
243 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_MEL_CAP */
244 :
245 : #if !(LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP)
246 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP) == 0);
247 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP */
248 :
249 : #if !(LIBSPDM_ENABLE_CAPABILITY_PSK_CAP)
250 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP) == 0);
251 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */
252 :
253 : #if !(LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP)
254 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EP_INFO_CAP) == 0);
255 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP */
256 :
257 0 : context->local_context.capability.flags = data32;
258 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
259 0 : context->connection_info.capability.flags = data32;
260 : } else {
261 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
262 : }
263 0 : break;
264 0 : case LIBSPDM_DATA_CAPABILITY_EXT_FLAGS:
265 0 : if (data_size != sizeof(uint16_t)) {
266 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
267 : }
268 :
269 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
270 :
271 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
272 0 : context->local_context.capability.flags = data16;
273 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
274 0 : context->connection_info.capability.flags = data16;
275 : } else {
276 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
277 : }
278 0 : break;
279 0 : case LIBSPDM_DATA_CAPABILITY_CT_EXPONENT:
280 0 : if (data_size != sizeof(uint8_t)) {
281 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
282 : }
283 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
284 0 : context->connection_info.capability.ct_exponent = *(const uint8_t *)data;
285 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
286 0 : context->local_context.capability.ct_exponent = *(const uint8_t *)data;
287 : } else {
288 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
289 : }
290 0 : break;
291 0 : case LIBSPDM_DATA_CAPABILITY_RTT_US:
292 0 : if (data_size != sizeof(uint64_t)) {
293 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
294 : }
295 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
296 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
297 : }
298 0 : context->local_context.capability.rtt = libspdm_read_uint64((const uint8_t *)data);
299 0 : break;
300 0 : case LIBSPDM_DATA_CAPABILITY_MAX_SPDM_MSG_SIZE:
301 0 : if (data_size != sizeof(uint32_t)) {
302 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
303 : }
304 : /* The local max_spdm_msg_size is set by libspdm_register_transport_layer_func.
305 : * Only the connection's max_spdm_msg_size is settable here. */
306 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
307 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
308 : }
309 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
310 0 : LIBSPDM_ASSERT (data32 >= SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12);
311 0 : context->connection_info.capability.max_spdm_msg_size = data32;
312 0 : break;
313 0 : case LIBSPDM_DATA_MEASUREMENT_SPEC:
314 0 : if (data_size != sizeof(uint8_t)) {
315 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
316 : }
317 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
318 0 : context->connection_info.algorithm.measurement_spec = *(const uint8_t *)data;
319 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
320 0 : context->local_context.algorithm.measurement_spec = *(const uint8_t *)data;
321 : } else {
322 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
323 : }
324 0 : break;
325 0 : case LIBSPDM_DATA_MEASUREMENT_HASH_ALGO:
326 0 : if (data_size != sizeof(uint32_t)) {
327 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
328 : }
329 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
330 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
331 0 : context->connection_info.algorithm.measurement_hash_algo = data32;
332 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
333 0 : context->local_context.algorithm.measurement_hash_algo = data32;
334 : } else {
335 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
336 : }
337 0 : break;
338 0 : case LIBSPDM_DATA_BASE_ASYM_ALGO:
339 0 : if (data_size != sizeof(uint32_t)) {
340 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
341 : }
342 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
343 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
344 0 : context->connection_info.algorithm.base_asym_algo = data32;
345 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
346 0 : context->local_context.algorithm.base_asym_algo = data32;
347 : } else {
348 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
349 : }
350 0 : break;
351 0 : case LIBSPDM_DATA_BASE_HASH_ALGO:
352 0 : if (data_size != sizeof(uint32_t)) {
353 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
354 : }
355 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
356 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
357 0 : context->connection_info.algorithm.base_hash_algo = data32;
358 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
359 0 : context->local_context.algorithm.base_hash_algo = data32;
360 : } else {
361 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
362 : }
363 0 : break;
364 0 : case LIBSPDM_DATA_DHE_NAME_GROUP:
365 0 : if (data_size != sizeof(uint16_t)) {
366 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
367 : }
368 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
369 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
370 0 : context->connection_info.algorithm.dhe_named_group = data16;
371 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
372 0 : context->local_context.algorithm.dhe_named_group = data16;
373 : } else {
374 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
375 : }
376 0 : break;
377 0 : case LIBSPDM_DATA_AEAD_CIPHER_SUITE:
378 0 : if (data_size != sizeof(uint16_t)) {
379 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
380 : }
381 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
382 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
383 0 : context->connection_info.algorithm.aead_cipher_suite = data16;
384 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
385 0 : context->local_context.algorithm.aead_cipher_suite = data16;
386 : } else {
387 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
388 : }
389 0 : break;
390 0 : case LIBSPDM_DATA_REQ_BASE_ASYM_ALG:
391 0 : if (data_size != sizeof(uint16_t)) {
392 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
393 : }
394 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
395 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
396 0 : context->connection_info.algorithm.req_base_asym_alg = data16;
397 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
398 0 : context->local_context.algorithm.req_base_asym_alg = data16;
399 : } else {
400 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
401 : }
402 0 : break;
403 0 : case LIBSPDM_DATA_KEY_SCHEDULE:
404 0 : if (data_size != sizeof(uint16_t)) {
405 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
406 : }
407 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
408 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
409 0 : context->connection_info.algorithm.key_schedule = data16;
410 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
411 0 : context->local_context.algorithm.key_schedule = data16;
412 : } else {
413 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
414 : }
415 0 : break;
416 0 : case LIBSPDM_DATA_OTHER_PARAMS_SUPPORT:
417 0 : if (data_size != sizeof(uint8_t)) {
418 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
419 : }
420 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
421 0 : context->connection_info.algorithm.other_params_support = *(const uint8_t *)data;
422 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
423 0 : context->local_context.algorithm.other_params_support = *(const uint8_t *)data;
424 : } else {
425 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
426 : }
427 0 : break;
428 0 : case LIBSPDM_DATA_MEL_SPEC:
429 0 : if (data_size != sizeof(uint8_t)) {
430 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
431 : }
432 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
433 0 : context->connection_info.algorithm.mel_spec = *(const uint8_t *)data;
434 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
435 0 : context->local_context.algorithm.mel_spec = *(const uint8_t *)data;
436 : } else {
437 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
438 : }
439 0 : break;
440 0 : case LIBSPDM_DATA_PQC_ASYM_ALGO:
441 0 : if (data_size != sizeof(uint32_t)) {
442 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
443 : }
444 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
445 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
446 0 : context->connection_info.algorithm.pqc_asym_algo = data32;
447 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
448 0 : context->local_context.algorithm.pqc_asym_algo = data32;
449 : } else {
450 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
451 : }
452 0 : break;
453 0 : case LIBSPDM_DATA_REQ_PQC_ASYM_ALG:
454 0 : if (data_size != sizeof(uint32_t)) {
455 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
456 : }
457 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
458 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
459 0 : context->connection_info.algorithm.req_pqc_asym_alg = data32;
460 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
461 0 : context->local_context.algorithm.req_pqc_asym_alg = data32;
462 : } else {
463 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
464 : }
465 0 : break;
466 0 : case LIBSPDM_DATA_KEM_ALG:
467 0 : if (data_size != sizeof(uint32_t)) {
468 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
469 : }
470 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
471 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
472 0 : context->connection_info.algorithm.kem_alg = data32;
473 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
474 0 : context->local_context.algorithm.kem_alg = data32;
475 : } else {
476 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
477 : }
478 0 : break;
479 0 : case LIBSPDM_DATA_ALGO_PRIORITY_PQC_FIRST:
480 0 : if (data_size != sizeof(bool)) {
481 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
482 : }
483 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
484 0 : context->local_context.algorithm.pqc_first = *(const bool *)data;
485 : } else {
486 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
487 : }
488 0 : break;
489 0 : case LIBSPDM_DATA_CONNECTION_STATE:
490 0 : if (data_size != sizeof(libspdm_connection_state_t)) {
491 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
492 : }
493 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
494 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
495 : }
496 0 : context->connection_info.connection_state = libspdm_read_uint32((const uint8_t *)data);
497 0 : break;
498 0 : case LIBSPDM_DATA_RESPONSE_STATE:
499 0 : if (data_size != sizeof(libspdm_response_state_t)) {
500 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
501 : }
502 0 : context->response_state = libspdm_read_uint32((const uint8_t *)data);
503 0 : break;
504 2 : case LIBSPDM_DATA_PEER_PUBLIC_ROOT_CERT:
505 2 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
506 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
507 : }
508 2 : root_cert_index = 0;
509 11 : while (context->local_context.peer_root_cert_provision[root_cert_index] != NULL) {
510 10 : root_cert_index++;
511 10 : if (root_cert_index >= LIBSPDM_MAX_ROOT_CERT_SUPPORT) {
512 1 : return LIBSPDM_STATUS_BUFFER_FULL;
513 : }
514 : }
515 1 : context->local_context.peer_root_cert_provision_size[root_cert_index] = data_size;
516 1 : context->local_context.peer_root_cert_provision[root_cert_index] = data;
517 1 : break;
518 0 : case LIBSPDM_DATA_LOCAL_PUBLIC_CERT_CHAIN:
519 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
520 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
521 : }
522 0 : slot_id = parameter->additional_data[0];
523 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
524 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
525 : }
526 0 : context->local_context.local_cert_chain_provision_size[slot_id] = data_size;
527 0 : context->local_context.local_cert_chain_provision[slot_id] = data;
528 0 : break;
529 0 : case LIBSPDM_DATA_LOCAL_SUPPORTED_SLOT_MASK:
530 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
531 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
532 : }
533 0 : if (data_size != sizeof(uint8_t)) {
534 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
535 : }
536 0 : context->local_context.local_supported_slot_mask = *(const uint8_t *)data;
537 0 : break;
538 0 : case LIBSPDM_DATA_LOCAL_KEY_PAIR_ID:
539 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
540 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
541 : }
542 0 : slot_id = parameter->additional_data[0];
543 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
544 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
545 : }
546 0 : if (data_size != sizeof(spdm_key_pair_id_t)) {
547 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
548 : }
549 0 : context->local_context.local_key_pair_id[slot_id] = *(const spdm_key_pair_id_t *)data;
550 0 : break;
551 0 : case LIBSPDM_DATA_LOCAL_CERT_INFO:
552 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
553 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
554 : }
555 0 : slot_id = parameter->additional_data[0];
556 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
557 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
558 : }
559 0 : if (data_size != sizeof(spdm_certificate_info_t)) {
560 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
561 : }
562 0 : context->local_context.local_cert_info[slot_id] = *(const spdm_certificate_info_t *)data;
563 0 : break;
564 0 : case LIBSPDM_DATA_LOCAL_KEY_USAGE_BIT_MASK:
565 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
566 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
567 : }
568 0 : slot_id = parameter->additional_data[0];
569 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
570 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
571 : }
572 0 : if (data_size != sizeof(spdm_key_usage_bit_mask_t)) {
573 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
574 : }
575 0 : context->local_context.local_key_usage_bit_mask[slot_id] =
576 0 : libspdm_read_uint16((const uint8_t *)data);
577 0 : break;
578 3 : case LIBSPDM_DATA_PEER_USED_CERT_CHAIN_BUFFER:
579 3 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
580 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
581 : }
582 3 : slot_id = parameter->additional_data[0];
583 3 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
584 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
585 : }
586 3 : if (data_size > LIBSPDM_MAX_CERT_CHAIN_SIZE) {
587 0 : return LIBSPDM_STATUS_BUFFER_FULL;
588 : }
589 3 : context->connection_info.peer_used_cert_chain_slot_id = slot_id;
590 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
591 : context->connection_info.peer_used_cert_chain[slot_id].buffer_size = data_size;
592 : libspdm_copy_mem(context->connection_info.peer_used_cert_chain[slot_id].buffer,
593 : sizeof(context->connection_info.peer_used_cert_chain[slot_id].buffer),
594 : data, data_size);
595 : #else
596 : #if LIBSPDM_CERT_PARSE_SUPPORT
597 3 : status = libspdm_hash_all(
598 : context->connection_info.algorithm.base_hash_algo,
599 : data, data_size,
600 3 : context->connection_info.peer_used_cert_chain[slot_id].buffer_hash);
601 3 : if (!status) {
602 0 : return LIBSPDM_STATUS_CRYPTO_ERROR;
603 : }
604 :
605 6 : context->connection_info.peer_used_cert_chain[slot_id].buffer_hash_size =
606 3 : libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
607 :
608 : /*process the SPDM cert header and hash*/
609 3 : data = (const uint8_t *)data + sizeof(spdm_cert_chain_t) +
610 3 : libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
611 3 : data_size = data_size -
612 : (sizeof(spdm_cert_chain_t) +
613 3 : libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo));
614 :
615 : /* Get leaf cert from cert chain */
616 3 : status = libspdm_x509_get_cert_from_cert_chain(data, data_size, -1,
617 : &cert_buffer, &cert_buffer_size);
618 3 : if (!status) {
619 0 : return LIBSPDM_STATUS_CRYPTO_ERROR;
620 : }
621 :
622 3 : status = false;
623 : #if (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT)
624 3 : if (!status) {
625 3 : status = libspdm_rsa_get_public_key_from_x509(
626 : cert_buffer, cert_buffer_size,
627 3 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
628 : }
629 : #endif
630 : #if LIBSPDM_ECDSA_SUPPORT
631 3 : if (!status) {
632 3 : status = libspdm_ec_get_public_key_from_x509(
633 : cert_buffer, cert_buffer_size,
634 3 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
635 : }
636 : #endif
637 : #if (LIBSPDM_EDDSA_ED25519_SUPPORT) || (LIBSPDM_EDDSA_ED448_SUPPORT)
638 : if (!status) {
639 : status = libspdm_ecd_get_public_key_from_x509(
640 : cert_buffer, cert_buffer_size,
641 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
642 : }
643 : #endif
644 : #if LIBSPDM_SM2_DSA_SUPPORT
645 : if (!status) {
646 : status = libspdm_sm2_get_public_key_from_x509(
647 : cert_buffer, cert_buffer_size,
648 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
649 : }
650 : #endif
651 3 : if (!status) {
652 0 : return LIBSPDM_STATUS_INVALID_CERT;
653 : }
654 : #else
655 : LIBSPDM_ASSERT (false);
656 : #endif /* LIBSPDM_CERT_PARSE_SUPPORT */
657 : #endif /* LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT */
658 3 : break;
659 0 : case LIBSPDM_DATA_PEER_PUBLIC_KEY:
660 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
661 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
662 : }
663 0 : context->local_context.peer_public_key_provision_size = data_size;
664 0 : context->local_context.peer_public_key_provision = data;
665 0 : break;
666 0 : case LIBSPDM_DATA_LOCAL_PUBLIC_KEY:
667 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
668 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
669 : }
670 0 : context->local_context.local_public_key_provision_size = data_size;
671 0 : context->local_context.local_public_key_provision = data;
672 0 : break;
673 0 : case LIBSPDM_DATA_BASIC_MUT_AUTH_REQUESTED:
674 0 : if (data_size != sizeof(bool)) {
675 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
676 : }
677 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
678 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
679 : }
680 0 : mut_auth_requested = *(const uint8_t *)data;
681 0 : if (((mut_auth_requested != 0) && (mut_auth_requested != 1))) {
682 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
683 : }
684 0 : context->local_context.basic_mut_auth_requested = mut_auth_requested;
685 0 : context->encap_context.request_id = 0;
686 0 : slot_id = parameter->additional_data[0];
687 0 : if ((slot_id >= SPDM_MAX_SLOT_COUNT) && (slot_id != 0xFF)) {
688 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
689 : }
690 0 : context->encap_context.req_slot_id = slot_id;
691 :
692 : #if LIBSPDM_DEBUG_PRINT_ENABLE
693 0 : if (mut_auth_requested) {
694 0 : LIBSPDM_DEBUG((LIBSPDM_DEBUG_INFO,
695 : "Basic mutual authentication is a deprecated feature.\n"));
696 : }
697 : #endif /* LIBSPDM_DEBUG_PRINT_ENABLE */
698 0 : break;
699 0 : case LIBSPDM_DATA_MUT_AUTH_REQUESTED:
700 0 : if (data_size != sizeof(uint8_t)) {
701 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
702 : }
703 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
704 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
705 : }
706 0 : mut_auth_requested = *(const uint8_t *)data;
707 0 : if (((mut_auth_requested != 0) &&
708 : (mut_auth_requested !=
709 0 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED) &&
710 : (mut_auth_requested !=
711 0 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST) &&
712 : (mut_auth_requested !=
713 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS))) {
714 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
715 : }
716 0 : context->local_context.mut_auth_requested = mut_auth_requested;
717 0 : context->encap_context.request_id = 0;
718 0 : slot_id = parameter->additional_data[0];
719 0 : if ((slot_id >= SPDM_MAX_SLOT_COUNT) && (slot_id != 0xFF)) {
720 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
721 : }
722 0 : context->encap_context.req_slot_id = slot_id;
723 0 : break;
724 0 : case LIBSPDM_DATA_MANDATORY_MUT_AUTH:
725 0 : if (data_size != sizeof(bool)) {
726 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
727 : }
728 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
729 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
730 : }
731 0 : context->local_context.mandatory_mut_auth = *(const bool *)data;
732 0 : break;
733 0 : case LIBSPDM_DATA_HEARTBEAT_PERIOD:
734 0 : if (data_size != sizeof(uint8_t)) {
735 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
736 : }
737 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
738 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
739 : }
740 0 : context->local_context.heartbeat_period = *(const uint8_t *)data;
741 0 : break;
742 4 : case LIBSPDM_DATA_APP_CONTEXT_DATA:
743 4 : if (data_size != sizeof(void *) || *(void *const *)data == NULL) {
744 2 : return LIBSPDM_STATUS_INVALID_PARAMETER;
745 : }
746 2 : context->app_context_data_ptr = *(void *const *)data;
747 2 : break;
748 0 : case LIBSPDM_DATA_HANDLE_ERROR_RETURN_POLICY:
749 0 : if (data_size != sizeof(uint8_t)) {
750 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
751 : }
752 0 : context->handle_error_return_policy = *(const uint8_t *)data;
753 0 : break;
754 0 : case LIBSPDM_DATA_VCA_CACHE:
755 0 : if (data_size > sizeof(context->transcript.message_a.buffer)) {
756 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
757 : }
758 0 : context->transcript.message_a.buffer_size = data_size;
759 0 : libspdm_copy_mem(context->transcript.message_a.buffer,
760 : sizeof(context->transcript.message_a.buffer),
761 : data, data_size);
762 0 : break;
763 0 : case LIBSPDM_DATA_IS_REQUESTER:
764 0 : if (data_size != sizeof(bool)) {
765 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
766 : }
767 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
768 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
769 : }
770 0 : context->local_context.is_requester = *(const bool *)data;
771 0 : break;
772 0 : case LIBSPDM_DATA_REQUEST_RETRY_TIMES:
773 0 : if (data_size != sizeof(uint8_t)) {
774 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
775 : }
776 0 : context->retry_times = *(const uint8_t *)data;
777 0 : break;
778 0 : case LIBSPDM_DATA_REQUEST_RETRY_DELAY_TIME:
779 0 : if (data_size != sizeof(uint64_t)) {
780 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
781 : }
782 0 : context->retry_delay_time = *(const uint64_t *)data;
783 0 : break;
784 5 : case LIBSPDM_DATA_MAX_DHE_SESSION_COUNT:
785 5 : if (data_size != sizeof(uint32_t)) {
786 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
787 : }
788 5 : if (*(const uint32_t *)data > LIBSPDM_MAX_SESSION_COUNT - context->max_psk_session_count) {
789 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
790 : }
791 5 : context->max_dhe_session_count = *(const uint32_t *)data;
792 5 : break;
793 5 : case LIBSPDM_DATA_MAX_PSK_SESSION_COUNT:
794 5 : if (data_size != sizeof(uint32_t)) {
795 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
796 : }
797 5 : if (*(const uint32_t *)data > LIBSPDM_MAX_SESSION_COUNT - context->max_dhe_session_count) {
798 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
799 : }
800 5 : context->max_psk_session_count = *(const uint32_t *)data;
801 5 : break;
802 0 : case LIBSPDM_DATA_MAX_SPDM_SESSION_SEQUENCE_NUMBER:
803 0 : if (data_size != sizeof(uint64_t)) {
804 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
805 : }
806 0 : context->max_spdm_session_sequence_number = *(const uint64_t *)data;
807 0 : if (context->max_spdm_session_sequence_number == 0) {
808 0 : context->max_spdm_session_sequence_number = LIBSPDM_MAX_SPDM_SESSION_SEQUENCE_NUMBER;
809 : }
810 0 : break;
811 0 : case LIBSPDM_DATA_SPDM_VERSION_10_11_VERIFY_SIGNATURE_ENDIAN:
812 0 : if (data_size != sizeof(uint8_t)) {
813 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
814 : }
815 0 : if (*(const uint8_t*)data != LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY &&
816 0 : *(const uint8_t*)data != LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY &&
817 0 : *(const uint8_t*)data != LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE) {
818 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
819 : }
820 0 : context->spdm_10_11_verify_signature_endian = *(const uint8_t*)data;
821 0 : break;
822 0 : case LIBSPDM_DATA_SEQUENCE_NUMBER_ENDIAN:
823 0 : if (data_size != sizeof(uint8_t)) {
824 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
825 : }
826 0 : context->sequence_number_endian = *(const uint8_t *)data;
827 0 : break;
828 0 : case LIBSPDM_DATA_MULTI_KEY_CONN_REQ:
829 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
830 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
831 : }
832 0 : if (data_size != sizeof(bool)) {
833 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
834 : }
835 0 : context->connection_info.multi_key_conn_req = *(const bool *)data;
836 0 : break;
837 0 : case LIBSPDM_DATA_MULTI_KEY_CONN_RSP:
838 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
839 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
840 : }
841 0 : if (data_size != sizeof(bool)) {
842 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
843 : }
844 0 : context->connection_info.multi_key_conn_rsp = *(const bool *)data;
845 0 : break;
846 0 : default:
847 0 : return LIBSPDM_STATUS_UNSUPPORTED_CAP;
848 : break;
849 : }
850 :
851 16 : return LIBSPDM_STATUS_SUCCESS;
852 : }
853 :
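/**
 * Read one configuration or state item out of an SPDM context.
 *
 * The item selected by data_type is copied into the caller's buffer. The
 * location field of parameter, where a case checks it, selects which copy is
 * read. Session-scoped items are looked up through the session ID held in
 * parameter->additional_data.
 *
 * Compared with the original listing, every path that dereferences
 * parameter, the session info or the secured-message context now rejects a
 * NULL pointer with LIBSPDM_STATUS_INVALID_PARAMETER. Items that never read
 * parameter can still be queried with parameter == NULL.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param data_type     Type of the SPDM context data.
 * @param parameter     Location selector and additional data (slot ID or session ID).
 * @param data          Caller buffer that receives the value.
 * @param data_size     On input, capacity of data in bytes. On output, the number of
 *                      bytes written, or the number of bytes required when
 *                      LIBSPDM_STATUS_BUFFER_TOO_SMALL is returned.
 *
 * @retval LIBSPDM_STATUS_SUCCESS            The value was copied to data.
 * @retval LIBSPDM_STATUS_INVALID_PARAMETER  A required pointer is NULL, data_type is out of
 *                                           range, the location or slot ID is not valid for
 *                                           data_type, or the session was not found.
 * @retval LIBSPDM_STATUS_UNSUPPORTED_CAP    data_type is not readable through this function.
 * @retval LIBSPDM_STATUS_BUFFER_TOO_SMALL   *data_size is smaller than the stored value.
 **/
libspdm_return_t libspdm_get_data(void *spdm_context, libspdm_data_type_t data_type,
                                  const libspdm_data_parameter_t *parameter,
                                  void *data, size_t *data_size)
{
    libspdm_context_t *context;
    libspdm_secured_message_context_t *secured_context = NULL;
    libspdm_session_info_t *session_info = NULL;
    size_t target_data_size;
    void *target_data;
    uint32_t session_id;
    size_t digest_size;
    size_t digest_count;
    uint8_t slot_id;
    size_t index;

    if ((spdm_context == NULL) || (data == NULL) || (data_size == NULL) ||
        (data_type >= LIBSPDM_DATA_MAX)) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }

    context = spdm_context;

    if (data_type == LIBSPDM_DATA_SESSION_END_SESSION_ATTRIBUTES) {
        /* end_session_attributes exists in both the session context and the SPDM context,
         * so a failed session lookup is not an error here; the switch below falls back to
         * the connection-level copy. */
        if (parameter == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        session_id = libspdm_read_uint32(parameter->additional_data);
        session_info = libspdm_get_session_info_via_session_id(context, session_id);
    } else if (need_session_info_for_data(data_type)) {
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_SESSION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        session_id = libspdm_read_uint32(parameter->additional_data);
        session_info = libspdm_get_session_info_via_session_id(context, session_id);
        if (session_info == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        secured_context = session_info->secured_message_context;
    }

    switch (data_type) {
    case LIBSPDM_DATA_SPDM_VERSION:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_version_number_t);
        target_data = &(context->connection_info.version);
        break;
    case LIBSPDM_DATA_SESSION_SECURED_MESSAGE_VERSION:
        /* secured_context is only set when need_session_info_for_data() accepted this type;
         * that helper is not visible here, so fail closed instead of dereferencing NULL. */
        if (secured_context == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_version_number_t);
        target_data = &(secured_context->secured_message_version);
        break;
    case LIBSPDM_DATA_CAPABILITY_FLAGS:
        if (parameter == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
            target_data = &context->connection_info.capability.flags;
        } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
            target_data = &context->local_context.capability.flags;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_EXT_FLAGS:
        if (parameter == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
            target_data = &context->connection_info.capability.ext_flags;
        } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
            target_data = &context->local_context.capability.ext_flags;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_CT_EXPONENT:
        if (parameter == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
            target_data = &context->connection_info.capability.ct_exponent;
        } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
            target_data = &context->local_context.capability.ct_exponent;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_DATA_TRANSFER_SIZE:
        if (parameter == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
            target_data = &context->connection_info.capability.data_transfer_size;
        } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
            target_data = &context->local_context.capability.data_transfer_size;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_MAX_SPDM_MSG_SIZE:
        if (parameter == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
            target_data = &context->connection_info.capability.max_spdm_msg_size;
        } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
            target_data = &context->local_context.capability.max_spdm_msg_size;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_SENDER_DATA_TRANSFER_SIZE:
        /* Only the local copy is readable; every other location is rejected. */
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->local_context.capability.sender_data_transfer_size;
        break;
    case LIBSPDM_DATA_MEASUREMENT_SPEC:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.algorithm.measurement_spec;
        break;
    case LIBSPDM_DATA_MEASUREMENT_HASH_ALGO:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.measurement_hash_algo;
        break;
    case LIBSPDM_DATA_BASE_ASYM_ALGO:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.base_asym_algo;
        break;
    case LIBSPDM_DATA_BASE_HASH_ALGO:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.base_hash_algo;
        break;
    case LIBSPDM_DATA_DHE_NAME_GROUP:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.dhe_named_group;
        break;
    case LIBSPDM_DATA_AEAD_CIPHER_SUITE:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.aead_cipher_suite;
        break;
    case LIBSPDM_DATA_REQ_BASE_ASYM_ALG:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.req_base_asym_alg;
        break;
    case LIBSPDM_DATA_KEY_SCHEDULE:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.key_schedule;
        break;
    case LIBSPDM_DATA_OTHER_PARAMS_SUPPORT:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.algorithm.other_params_support;
        break;
    case LIBSPDM_DATA_MEL_SPEC:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.algorithm.mel_spec;
        break;
    case LIBSPDM_DATA_PQC_ASYM_ALGO:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.pqc_asym_algo;
        break;
    case LIBSPDM_DATA_REQ_PQC_ASYM_ALG:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.req_pqc_asym_alg;
        break;
    case LIBSPDM_DATA_KEM_ALG:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.kem_alg;
        break;
    case LIBSPDM_DATA_CONNECTION_STATE:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(libspdm_connection_state_t);
        target_data = &context->connection_info.connection_state;
        break;
    case LIBSPDM_DATA_RESPONSE_STATE:
        target_data_size = sizeof(libspdm_response_state_t);
        target_data = &context->response_state;
        break;
    case LIBSPDM_DATA_PEER_PROVISIONED_SLOT_MASK:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.peer_provisioned_slot_mask;
        break;
    case LIBSPDM_DATA_PEER_SUPPORTED_SLOT_MASK:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.peer_supported_slot_mask;
        break;
    case LIBSPDM_DATA_PEER_TOTAL_DIGEST_BUFFER:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        /* One digest is returned per slot flagged in the peer's provisioned-slot mask. */
        digest_count = 0;
        for (index = 0; index < SPDM_MAX_SLOT_COUNT; index++) {
            if (context->connection_info.peer_provisioned_slot_mask & (1 << index)) {
                digest_count++;
            }
        }
        digest_size = libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
        /* NOTE(review): presumably peer_total_digest_buffer holds at least
         * SPDM_MAX_SLOT_COUNT digests of the largest hash size; confirm against the
         * structure definition, since this length is derived, not stored. */
        target_data_size = digest_size * digest_count;
        target_data = context->connection_info.peer_total_digest_buffer;
        break;
    case LIBSPDM_DATA_PEER_KEY_PAIR_ID:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        /* The slot ID indexes a per-slot array, so it is range-checked before use. */
        slot_id = parameter->additional_data[0];
        if (slot_id >= SPDM_MAX_SLOT_COUNT) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_key_pair_id_t);
        target_data = &context->connection_info.peer_key_pair_id[slot_id];
        break;
    case LIBSPDM_DATA_PEER_CERT_INFO:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        slot_id = parameter->additional_data[0];
        if (slot_id >= SPDM_MAX_SLOT_COUNT) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_certificate_info_t);
        target_data = &context->connection_info.peer_cert_info[slot_id];
        break;
    case LIBSPDM_DATA_PEER_KEY_USAGE_BIT_MASK:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        slot_id = parameter->additional_data[0];
        if (slot_id >= SPDM_MAX_SLOT_COUNT) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_key_usage_bit_mask_t);
        target_data = &context->connection_info.peer_key_usage_bit_mask[slot_id];
        break;
    case LIBSPDM_DATA_SESSION_USE_PSK:
        if (session_info == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(bool);
        target_data = &session_info->use_psk;
        break;
    case LIBSPDM_DATA_SESSION_MUT_AUTH_REQUESTED:
        if (session_info == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &session_info->mut_auth_requested;
        break;
    case LIBSPDM_DATA_SESSION_END_SESSION_ATTRIBUTES:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        if (session_info == NULL) {
            target_data = &context->connection_info.end_session_attributes;
        } else {
            target_data = &session_info->end_session_attributes;
        }
        break;
    case LIBSPDM_DATA_SESSION_POLICY:
        if (session_info == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &session_info->session_policy;
        break;
    case LIBSPDM_DATA_APP_CONTEXT_DATA:
        target_data_size = sizeof(void *);
        target_data = &context->app_context_data_ptr;
        break;
    case LIBSPDM_DATA_HANDLE_ERROR_RETURN_POLICY:
        target_data_size = sizeof(uint8_t);
        target_data = &context->handle_error_return_policy;
        break;
    case LIBSPDM_DATA_MAX_DHE_SESSION_COUNT:
        target_data_size = sizeof(uint32_t);
        target_data = &context->max_dhe_session_count;
        break;
    case LIBSPDM_DATA_MAX_PSK_SESSION_COUNT:
        target_data_size = sizeof(uint32_t);
        target_data = &context->max_psk_session_count;
        break;
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_REQ_DIR:
        if (secured_context == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint64_t);
        target_data = &secured_context->application_secret.request_data_sequence_number;
        break;
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_RSP_DIR:
        if (secured_context == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint64_t);
        target_data = &secured_context->application_secret.response_data_sequence_number;
        break;
    case LIBSPDM_DATA_MAX_SPDM_SESSION_SEQUENCE_NUMBER:
        target_data_size = sizeof(uint64_t);
        target_data = &context->max_spdm_session_sequence_number;
        break;
    case LIBSPDM_DATA_VCA_CACHE:
        target_data_size = context->transcript.message_a.buffer_size;
        target_data = context->transcript.message_a.buffer;
        break;
    case LIBSPDM_DATA_REQUEST_AND_SIZE:
        target_data_size = context->last_spdm_request_size;
        target_data = context->last_spdm_request;
        break;
    case LIBSPDM_DATA_SPDM_VERSION_10_11_VERIFY_SIGNATURE_ENDIAN:
        target_data_size = sizeof(uint8_t);
        target_data = &context->spdm_10_11_verify_signature_endian;
        break;
    case LIBSPDM_DATA_SEQUENCE_NUMBER_ENDIAN:
        target_data_size = sizeof(uint8_t);
        target_data = &context->sequence_number_endian;
        break;
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_ENDIAN:
        if (secured_context == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &secured_context->sequence_number_endian;
        break;
    case LIBSPDM_DATA_MULTI_KEY_CONN_REQ:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(bool);
        target_data = &context->connection_info.multi_key_conn_req;
        break;
    case LIBSPDM_DATA_MULTI_KEY_CONN_RSP:
        if ((parameter == NULL) || (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION)) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(bool);
        target_data = &context->connection_info.multi_key_conn_rsp;
        break;
    default:
        return LIBSPDM_STATUS_UNSUPPORTED_CAP;
    }

    /* Report the required size instead of truncating, so the caller can retry with a
     * large enough buffer. */
    if (*data_size < target_data_size) {
        *data_size = target_data_size;
        return LIBSPDM_STATUS_BUFFER_TOO_SMALL;
    }
    libspdm_copy_mem(data, *data_size, target_data, target_data_size);
    *data_size = target_data_size;

    return LIBSPDM_STATUS_SUCCESS;
}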
1229 :
1230 : #if LIBSPDM_CHECK_SPDM_CONTEXT
/**
 * Check that the locally configured capability sizes in an SPDM context are
 * mutually consistent.
 *
 * The checks, in order: data_transfer_size and sender_data_transfer_size must
 * each be at least SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12; max_spdm_msg_size
 * must be at least as large as each of them; and, when the local CHUNK_CAP
 * flag is set and max_spdm_msg_size is non-zero, every provisioned local
 * certificate chain plus the certificate response header must fit within
 * max_spdm_msg_size. The first failing check is logged at error level.
 *
 * @param spdm_context  A pointer to the SPDM context. It is dereferenced without a NULL check.
 *
 * @retval true   All checks passed.
 * @retval false  At least one check failed.
 **/
bool libspdm_check_context (void *spdm_context)
{
    libspdm_context_t *context = spdm_context;
    /* The three sizes are exposed as sizeof(uint32_t) values by libspdm_get_data(). */
    const uint32_t data_xfer_size = context->local_context.capability.data_transfer_size;
    const uint32_t sender_xfer_size =
        context->local_context.capability.sender_data_transfer_size;
    const uint32_t max_msg_size = context->local_context.capability.max_spdm_msg_size;
    size_t index;

    if (data_xfer_size < SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "data_transfer_size must be greater than or equal "
                       "to SPDM_MIN_DATA_TRANSFER_SIZE (%d).\n",
                       SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12));
        return false;
    }

    if (max_msg_size < data_xfer_size) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "max_spdm_msg_size (%d) must be greater than or "
                       "equal to data_transfer_size (%d).\n",
                       max_msg_size, data_xfer_size));
        return false;
    }

    if (sender_xfer_size < SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "sender_data_transfer_size must be greater than or equal "
                       "to %d.\n", SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12));
        return false;
    }

    if (max_msg_size < sender_xfer_size) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "max_spdm_msg_size (%d) must be greater than or "
                       "equal to sender_data_transfer_size (%d).\n",
                       max_msg_size, sender_xfer_size));
        return false;
    }

    /* The certificate chain size check only runs with CHUNK_CAP set and a
     * non-zero message size limit. */
    if (((context->local_context.capability.flags &
          SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHUNK_CAP) == 0) ||
        (max_msg_size == 0)) {
        return true;
    }

    for (index = 0; index < SPDM_MAX_SLOT_COUNT; index++) {
        const size_t chain_size =
            context->local_context.local_cert_chain_provision_size[index];

        /* A size of zero is skipped. */
        if (chain_size == 0) {
            continue;
        }
        if (chain_size + sizeof(spdm_certificate_response_t) <= max_msg_size) {
            continue;
        }
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "max_spdm_msg_size (%d) must be greater than or "
                       "equal to local_cert_chain_provision_size[%zu] (%zu).\n",
                       max_msg_size, index, chain_size));
        return false;
    }

    return true;
}
1295 : #endif /* LIBSPDM_CHECK_CONTEXT */
1296 :
/**
 * Reset the message A transcript buffer held in the SPDM context.
 *
 * @param spdm_context  A pointer to the SPDM context. Must not be NULL; it is dereferenced
 *                      without a check.
 **/
void libspdm_reset_message_a(libspdm_context_t *spdm_context)
{
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_a));
}
1306 :
/**
 * Reset the message D transcript buffer held in the SPDM context.
 *
 * @param spdm_context  A pointer to the SPDM context. Must not be NULL; it is dereferenced
 *                      without a check.
 **/
void libspdm_reset_message_d(libspdm_context_t *spdm_context)
{
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_d));
}
1316 :
/**
 * Reset the message B transcript state held in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded message B buffer is reset.
 * Without it, the running M1M2 hash context is freed, if one exists, and its pointer is
 * cleared so that a later reset does not free it a second time.
 *
 * @param spdm_context  A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_b(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&spdm_context->transcript.message_b);
#else
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        /* No hash context is live, so there is nothing to release. */
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
#endif
}
1334 :
/**
 * Reset the message C transcript state held in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded message C buffer is reset.
 * Without it, this frees and clears the same M1M2 hash context that
 * libspdm_reset_message_b() releases.
 *
 * @param spdm_context  A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_c(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&spdm_context->transcript.message_c);
#else
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        /* No hash context is live, so there is nothing to release. */
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
#endif
}
1352 :
/**
 * Reset the message MutB transcript state held in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded MutB buffer is reset.
 * Without it, the running mutual-authentication M1M2 hash context is freed, if one
 * exists, and its pointer is cleared.
 *
 * @param spdm_context  A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_mut_b(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&spdm_context->transcript.message_mut_b);
#else
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        /* No hash context is live, so there is nothing to release. */
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
#endif
}
1370 :
/**
 * Reset the message MutC transcript state held in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded MutC buffer is reset.
 * Without it, this frees and clears the same mutual-authentication M1M2 hash context
 * that libspdm_reset_message_mut_b() releases.
 *
 * @param spdm_context  A pointer to the SPDM context. Must not be NULL.
 **/
void libspdm_reset_message_mut_c(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&spdm_context->transcript.message_mut_c);
#else
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        /* No hash context is live, so there is nothing to release. */
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
#endif
}
1388 :
/**
 * Reset the message M transcript state.
 *
 * When session_info is NULL the state kept in the SPDM context is reset; otherwise the
 * state kept in that session is reset. Without LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the
 * state is the running L1L2 hash context, which is freed and then cleared.
 *
 * @param spdm_context  A pointer to the SPDM context. Must not be NULL.
 * @param session_info  A pointer to the SPDM session context, or NULL to reset the
 *                      context-level state.
 **/
void libspdm_reset_message_m(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *const session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (session != NULL) {
        libspdm_reset_managed_buffer(&session->session_transcript.message_m);
    } else {
        libspdm_reset_managed_buffer(&spdm_context->transcript.message_m);
    }
#else
    if (session != NULL) {
        if (session->session_transcript.digest_context_l1l2 != NULL) {
            /* The hash algorithm always comes from the connection, also for session state. */
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              session->session_transcript.digest_context_l1l2);
            session->session_transcript.digest_context_l1l2 = NULL;
        }
    } else {
        if (spdm_context->transcript.digest_context_l1l2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              spdm_context->transcript.digest_context_l1l2);
            spdm_context->transcript.digest_context_l1l2 = NULL;
        }
    }
#endif
}
1424 :
/**
 * Reset the message K transcript state of a session.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded message K buffer is reset.
 * Without it, both the TH hash context and its backup are freed, if present, and their
 * pointers are cleared.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param session_info  A pointer to the SPDM session context. Unlike
 *                      libspdm_reset_message_m(), NULL is not accepted: the pointer is
 *                      dereferenced unconditionally.
 **/
void libspdm_reset_message_k(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *const session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&session->session_transcript.message_k);
#else
    if (session->session_transcript.digest_context_th != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          session->session_transcript.digest_context_th);
        session->session_transcript.digest_context_th = NULL;
    }
    if (session->session_transcript.digest_context_th_backup != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          session->session_transcript.digest_context_th_backup);
        session->session_transcript.digest_context_th_backup = NULL;
    }
#endif
}
1453 :
/**
 * Reset the message EncapD transcript buffer of a session.
 *
 * @param spdm_context  A pointer to the SPDM context. Not read by this function.
 * @param session_info  A pointer to the SPDM session context. Must not be NULL; it is
 *                      dereferenced unconditionally.
 **/
void libspdm_reset_message_encap_d(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *const session = session_info;

    libspdm_reset_managed_buffer(&session->session_transcript.message_encap_d);
}
1467 :
/**
 * Reset the message F transcript state of a session.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded message F buffer is reset.
 * Without it, a live TH hash context is freed and replaced by the backup context, the
 * backup pointer is cleared, and message_f_initialized is set to false.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param session_info  A pointer to the SPDM session context. Must not be NULL; it is
 *                      dereferenced unconditionally.
 **/
void libspdm_reset_message_f(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *const session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&session->session_transcript.message_f);
#else
    if (session->session_transcript.digest_context_th != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          session->session_transcript.digest_context_th);
        /* Ownership of the backup moves to the primary slot; clearing the backup pointer
         * keeps a single reference to that context. */
        session->session_transcript.digest_context_th =
            session->session_transcript.digest_context_th_backup;
        session->session_transcript.digest_context_th_backup = NULL;
    }
    session->session_transcript.message_f_initialized = false;
#endif
}
1494 :
/**
 * Reset the message E transcript state.
 *
 * When session_info is NULL the state kept in the SPDM context is reset; otherwise the
 * state kept in that session is reset. Without LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the
 * state is the running IL1IL2 hash context, which is freed and then cleared.
 *
 * @param spdm_context  A pointer to the SPDM context. Must not be NULL.
 * @param session_info  A pointer to the SPDM session context, or NULL to reset the
 *                      context-level state.
 **/
void libspdm_reset_message_e(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *const session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (session != NULL) {
        libspdm_reset_managed_buffer(&session->session_transcript.message_e);
    } else {
        libspdm_reset_managed_buffer(&spdm_context->transcript.message_e);
    }
#else
    if (session != NULL) {
        if (session->session_transcript.digest_context_il1il2 != NULL) {
            /* The hash algorithm always comes from the connection, also for session state. */
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              session->session_transcript.digest_context_il1il2);
            session->session_transcript.digest_context_il1il2 = NULL;
        }
    } else {
        if (spdm_context->transcript.digest_context_il1il2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              spdm_context->transcript.digest_context_il1il2);
            spdm_context->transcript.digest_context_il1il2 = NULL;
        }
    }
#endif
}
1530 :
/**
 * Reset message encap E cache in SPDM context.
 * If session_info is NULL, this function will use encap E cache of SPDM context,
 * else will use encap E cache of SPDM session context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the recorded encap E buffer is reset.
 * Otherwise the encapsulated IL1/IL2 hash context (digest_context_encap_il1il2) is
 * freed, if present, and its pointer is cleared.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session context, or NULL.
 **/
void libspdm_reset_message_encap_e(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (spdm_session_info != NULL) {
        libspdm_reset_managed_buffer(&spdm_session_info->session_transcript.message_encap_e);
        return;
    }
    libspdm_reset_managed_buffer(&spdm_context->transcript.message_encap_e);
#else
    if (spdm_session_info != NULL) {
        /* Session-scoped encapsulated IL1/IL2 digest. */
        if (spdm_session_info->session_transcript.digest_context_encap_il1il2 != NULL) {
            libspdm_hash_free(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_encap_il1il2);
            /* Clear the pointer so the freed context cannot be reused or freed twice. */
            spdm_session_info->session_transcript.digest_context_encap_il1il2 = NULL;
        }
        return;
    }

    /* Connection-scoped encapsulated IL1/IL2 digest. */
    if (spdm_context->transcript.digest_context_encap_il1il2 != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          spdm_context->transcript.digest_context_encap_il1il2);
        spdm_context->transcript.digest_context_encap_il1il2 = NULL;
    }
#endif
}
1566 :
/**
 * Reset message buffer in SPDM context according to request code.
 *
 * Stale transcript state is dropped here so that a later signature or digest
 * check is not computed over messages from an abandoned exchange.
 *
 * @param  context       A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session context; passed through to
 *                       the message M / E / encap E reset helpers.
 * @param  request_code  The SPDM request code.
 */
void libspdm_reset_message_buffer_via_request_code(void *context, void *session_info,
                                                   uint8_t request_code)
{
    libspdm_context_t *spdm_context = context;
    bool before_authenticated;

    /* Any request other than SPDM_GET_MEASUREMENTS resets L1/L2. */
    if (request_code != SPDM_GET_MEASUREMENTS) {
        libspdm_reset_message_m(spdm_context, session_info);
    }

    /* The M1/M2 resets below apply only while CHALLENGE has not completed. */
    before_authenticated = spdm_context->connection_info.connection_state <
                           LIBSPDM_CONNECTION_STATE_AUTHENTICATED;

    switch (request_code) {
    case SPDM_GET_DIGESTS:
        libspdm_reset_message_b(spdm_context);
        break;

    case SPDM_GET_ENDPOINT_INFO:
        libspdm_reset_message_e(spdm_context, session_info);
        libspdm_reset_message_encap_e(spdm_context, session_info);
        break;

    case SPDM_DELIVER_ENCAPSULATED_RESPONSE:
        /* Only messages B and C are reset for this request; the mutual
         * transcripts (mut B / mut C) are left untouched. */
        if (before_authenticated) {
            libspdm_reset_message_b(spdm_context);
            libspdm_reset_message_c(spdm_context);
        }
        break;

    /* If the Requester issued one of these requests and skipped CHALLENGE
     * completion, M1 and M2 (both directions) are reset to null. */
    case SPDM_KEY_EXCHANGE:
    case SPDM_GET_MEASUREMENTS:
    case SPDM_FINISH:
    case SPDM_PSK_EXCHANGE:
    case SPDM_PSK_FINISH:
    case SPDM_KEY_UPDATE:
    case SPDM_HEARTBEAT:
    case SPDM_GET_ENCAPSULATED_REQUEST:
    case SPDM_END_SESSION:
    case SPDM_GET_MEASUREMENT_EXTENSION_LOG:
        if (before_authenticated) {
            libspdm_reset_message_b(spdm_context);
            libspdm_reset_message_c(spdm_context);
            libspdm_reset_message_mut_b(spdm_context);
            libspdm_reset_message_mut_c(spdm_context);
        }
        break;

    default:
        break;
    }
}
1629 :
/**
 * Append a message to the message A buffer of the SPDM context.
 *
 * Message A is always kept as a managed buffer; the other append helpers in this
 * file read it back to seed their hash contexts.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return The status returned by libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_a(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
    libspdm_return_t status;

    status = libspdm_append_managed_buffer(&spdm_context->transcript.message_a,
                                           message, message_size);
    return status;
}
1636 :
/**
 * Append a message to the message D buffer of the SPDM context.
 *
 * Only the first message D after VCA in the connection counts: once the buffer is
 * non-empty, later calls return success without appending anything.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return LIBSPDM_STATUS_SUCCESS when message D was already recorded, otherwise the
 *         status returned by libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_d(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
    if (libspdm_get_managed_buffer_size(&spdm_context->transcript.message_d) == 0) {
        return libspdm_append_managed_buffer(&spdm_context->transcript.message_d,
                                             message, message_size);
    }

    /* Message D is already recorded; ignore this one. */
    return LIBSPDM_STATUS_SUCCESS;
}
1647 :
/**
 * Append a message to transcript B of the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the
 * message_b buffer. Otherwise they are fed into the running M1/M2 hash context
 * (digest_context_m1m2), which is created on first use and seeded with message A.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return The status of the buffer append in record mode; otherwise
 *         LIBSPDM_STATUS_SUCCESS, or LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails (the hash context is then freed and cleared).
 **/
libspdm_return_t libspdm_append_message_b(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_b,
                                         message, message_size);
#else
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        spdm_context->transcript.digest_context_m1m2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_context->transcript.digest_context_m1m2)) {
            goto discard_m1m2;
        }
        /* A fresh M1/M2 digest always starts with message A. */
        if (!libspdm_hash_update(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_context->transcript.digest_context_m1m2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
            goto discard_m1m2;
        }
    }

    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_context->transcript.digest_context_m1m2, message,
                             message_size)) {
        goto discard_m1m2;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_m1m2:
    /* A partially updated digest is unusable: free it and clear the pointer so no
     * later call touches the freed context. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1700 :
/**
 * Append a message to transcript C of the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the
 * message_c buffer. Otherwise they are fed into the same running M1/M2 hash
 * context that libspdm_append_message_b() uses (digest_context_m1m2), which is
 * created on first use and seeded with message A.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return The status of the buffer append in record mode; otherwise
 *         LIBSPDM_STATUS_SUCCESS, or LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails (the hash context is then freed and cleared).
 **/
libspdm_return_t libspdm_append_message_c(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_c,
                                         message, message_size);
#else
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        spdm_context->transcript.digest_context_m1m2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_context->transcript.digest_context_m1m2)) {
            goto discard_m1m2;
        }
        /* A fresh M1/M2 digest always starts with message A. */
        if (!libspdm_hash_update(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_context->transcript.digest_context_m1m2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
            goto discard_m1m2;
        }
    }

    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_context->transcript.digest_context_m1m2, message,
                             message_size)) {
        goto discard_m1m2;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_m1m2:
    /* A partially updated digest is unusable: free it and clear the pointer so no
     * later call touches the freed context. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1753 :
/**
 * Append a message to the mutual transcript B of the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the
 * message_mut_b buffer. Otherwise they are fed into the running mutual M1/M2 hash
 * context (digest_context_mut_m1m2), which is created on first use and, for
 * negotiated versions above SPDM_MESSAGE_VERSION_11, seeded with message A (VCA).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return The status of the buffer append in record mode; otherwise
 *         LIBSPDM_STATUS_SUCCESS, or LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails (the hash context is then freed and cleared).
 **/
libspdm_return_t libspdm_append_message_mut_b(libspdm_context_t *spdm_context, const void *message,
                                              size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_mut_b,
                                         message, message_size);
#else
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        spdm_context->transcript.digest_context_mut_m1m2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_context->transcript.digest_context_mut_m1m2)) {
            goto discard_mut_m1m2;
        }
        /* VCA is part of this transcript only for versions after 1.1. */
        if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
            SPDM_MESSAGE_VERSION_11) {
            if (!libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_context->transcript.digest_context_mut_m1m2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto discard_mut_m1m2;
            }
        }
    }

    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_context->transcript.digest_context_mut_m1m2, message,
                             message_size)) {
        goto discard_mut_m1m2;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_mut_m1m2:
    /* A partially updated digest is unusable: free it and clear the pointer so no
     * later call touches the freed context. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1811 :
/**
 * Append a message to the mutual transcript C of the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the
 * message_mut_c buffer. Otherwise they are fed into the same running mutual M1/M2
 * hash context that libspdm_append_message_mut_b() uses (digest_context_mut_m1m2),
 * which is created on first use and, for negotiated versions above
 * SPDM_MESSAGE_VERSION_11, seeded with message A (VCA).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return The status of the buffer append in record mode; otherwise
 *         LIBSPDM_STATUS_SUCCESS, or LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails (the hash context is then freed and cleared).
 **/
libspdm_return_t libspdm_append_message_mut_c(libspdm_context_t *spdm_context, const void *message,
                                              size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_mut_c,
                                         message, message_size);
#else
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        spdm_context->transcript.digest_context_mut_m1m2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_context->transcript.digest_context_mut_m1m2)) {
            goto discard_mut_m1m2;
        }
        /* VCA is part of this transcript only for versions after 1.1. */
        if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
            SPDM_MESSAGE_VERSION_11) {
            if (!libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_context->transcript.digest_context_mut_m1m2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto discard_mut_m1m2;
            }
        }
    }

    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_context->transcript.digest_context_mut_m1m2, message,
                             message_size)) {
        goto discard_mut_m1m2;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_mut_m1m2:
    /* A partially updated digest is unusable: free it and clear the pointer so no
     * later call touches the freed context. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1869 :
/**
 * Append a message to transcript M (L1/L2).
 * If session_info is NULL the transcript of the SPDM context is used, else the
 * transcript of the SPDM session context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the
 * selected message_m buffer. Otherwise they are fed into the selected L1/L2 hash
 * context (digest_context_l1l2), which is created on first use and, for negotiated
 * versions above SPDM_MESSAGE_VERSION_11, seeded with message A (VCA) of the
 * SPDM context.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session context, or NULL.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return The status of the buffer append in record mode; otherwise
 *         LIBSPDM_STATUS_SUCCESS, or LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails (the affected hash context is then freed and cleared).
 **/
libspdm_return_t libspdm_append_message_m(libspdm_context_t *spdm_context, void *session_info,
                                          const void *message, size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (spdm_session_info != NULL) {
        return libspdm_append_managed_buffer(&spdm_session_info->session_transcript.message_m,
                                             message, message_size);
    }
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_m,
                                         message, message_size);
#else
    if (spdm_session_info == NULL) {
        /* Connection-scoped L1/L2 digest. */
        if (spdm_context->transcript.digest_context_l1l2 == NULL) {
            spdm_context->transcript.digest_context_l1l2 =
                libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
            if (spdm_context->transcript.digest_context_l1l2 == NULL) {
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                                   spdm_context->transcript.digest_context_l1l2)) {
                goto discard_connection_l1l2;
            }
            /* VCA is part of this transcript only for versions after 1.1. */
            if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
                SPDM_MESSAGE_VERSION_11) {
                if (!libspdm_hash_update(
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        spdm_context->transcript.digest_context_l1l2,
                        libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                        libspdm_get_managed_buffer_size(
                            &spdm_context->transcript.message_a))) {
                    goto discard_connection_l1l2;
                }
            }
        }
        if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                                 spdm_context->transcript.digest_context_l1l2, message,
                                 message_size)) {
            goto discard_connection_l1l2;
        }
        return LIBSPDM_STATUS_SUCCESS;
    }

    /* Session-scoped L1/L2 digest. */
    if (spdm_session_info->session_transcript.digest_context_l1l2 == NULL) {
        spdm_session_info->session_transcript.digest_context_l1l2 =
            libspdm_hash_new(spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_session_info->session_transcript.digest_context_l1l2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                               spdm_session_info->session_transcript.digest_context_l1l2)) {
            goto discard_session_l1l2;
        }
        /* VCA is part of this transcript only for versions after 1.1. */
        if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
            SPDM_MESSAGE_VERSION_11) {
            if (!libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_l1l2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto discard_session_l1l2;
            }
        }
    }
    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_session_info->session_transcript.digest_context_l1l2,
                             message, message_size)) {
        goto discard_session_l1l2;
    }
    return LIBSPDM_STATUS_SUCCESS;

    /* Failure paths: free the affected digest and clear its pointer so no later
     * call touches the freed context. */
discard_connection_l1l2:
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_l1l2);
    spdm_context->transcript.digest_context_l1l2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;

discard_session_l1l2:
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_session_info->session_transcript.digest_context_l1l2);
    spdm_session_info->session_transcript.digest_context_l1l2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1981 :
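/**
 * Append a message to transcript K (TH) of the SPDM session context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the
 * session's message_k buffer. Otherwise they are fed into the session's running TH
 * hash context (digest_context_th). On first use that context is created and
 * seeded, in order, with message A, then for non-PSK sessions message D (only when
 * multi_key_conn_rsp is set) and the hash of the certificate chain or public key
 * selected by the slot ID in use.
 *
 * Every failure after the hash context exists frees it AND clears
 * digest_context_th, so that a later append or reset cannot use or free the stale
 * pointer again.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session context. It is dereferenced
 *                       without a NULL check.
 * @param  is_requester  true selects the peer's chain/key for the first-use seed,
 *                       false selects the local one.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return The status of the buffer append in record mode; otherwise
 *         LIBSPDM_STATUS_SUCCESS, LIBSPDM_STATUS_INVALID_STATE_PEER or
 *         LIBSPDM_STATUS_INVALID_STATE_LOCAL when the chain/key cannot be fetched,
 *         or LIBSPDM_STATUS_CRYPTO_ERROR when a hash operation fails.
 **/
libspdm_return_t libspdm_append_message_k(libspdm_context_t *spdm_context,
                                          void *session_info,
                                          bool is_requester, const void *message,
                                          size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(
        &spdm_session_info->session_transcript.message_k, message,
        message_size);
#else
    const uint8_t *cert_chain_buffer;
    size_t cert_chain_buffer_size;
    bool result;
    uint8_t cert_chain_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    uint32_t hash_size;
    uint8_t slot_id;

    hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);

    /* First use, certificate-based session: work out the chain/key hash before any
     * hash context is allocated, so these early returns have nothing to clean up. */
    if ((spdm_session_info->session_transcript.digest_context_th == NULL) &&
        !spdm_session_info->use_psk) {
        if (is_requester) {
            slot_id = spdm_context->connection_info.peer_used_cert_chain_slot_id;
            /* NOTE(review): slot_id is range-checked by assertion only and is used
             * as an array index below - confirm it is validated where it is set. */
            LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
            if (slot_id == 0xFF) {
                /* Slot 0xFF: hash the peer public key buffer instead of a chain. */
                result = libspdm_get_peer_public_key_buffer(
                    spdm_context, (const void **)&cert_chain_buffer,
                    &cert_chain_buffer_size);
                if (!result) {
                    return LIBSPDM_STATUS_INVALID_STATE_PEER;
                }

                result = libspdm_hash_all(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    cert_chain_buffer, cert_chain_buffer_size,
                    cert_chain_buffer_hash);
                if (!result) {
                    return LIBSPDM_STATUS_CRYPTO_ERROR;
                }
            } else {
                /* The peer chain hash is already cached per slot; reuse it. */
                LIBSPDM_ASSERT(
                    hash_size ==
                    spdm_context->connection_info
                    .peer_used_cert_chain[slot_id].buffer_hash_size);

                libspdm_copy_mem(cert_chain_buffer_hash,
                                 sizeof(cert_chain_buffer_hash),
                                 spdm_context->connection_info
                                 .peer_used_cert_chain[slot_id].buffer_hash,
                                 hash_size);
            }
        } else {
            slot_id = spdm_context->connection_info.local_used_cert_chain_slot_id;
            LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
            if (slot_id == 0xFF) {
                result = libspdm_get_local_public_key_buffer(
                    spdm_context, (const void **)&cert_chain_buffer,
                    &cert_chain_buffer_size);
            } else {
                result = libspdm_get_local_cert_chain_buffer(
                    spdm_context, (const void **)&cert_chain_buffer,
                    &cert_chain_buffer_size);
            }
            if (!result) {
                return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
            }

            result = libspdm_hash_all(
                spdm_context->connection_info.algorithm.base_hash_algo,
                cert_chain_buffer, cert_chain_buffer_size,
                cert_chain_buffer_hash);
            if (!result) {
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
        }
    }

    /* prepare digest_context_th */
    if (spdm_session_info->session_transcript.digest_context_th == NULL) {
        spdm_session_info->session_transcript.digest_context_th = libspdm_hash_new(
            spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_session_info->session_transcript.digest_context_th == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        result = libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                                   spdm_session_info->session_transcript.digest_context_th);
        if (!result) {
            goto discard_th;
        }
        result = libspdm_hash_update(
            spdm_context->connection_info.algorithm.base_hash_algo,
            spdm_session_info->session_transcript.digest_context_th,
            libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
            libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
        if (!result) {
            goto discard_th;
        }
        if (!spdm_session_info->use_psk) {
            if (spdm_context->connection_info.multi_key_conn_rsp) {
                result = libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_th,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_d),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_d));
                if (!result) {
                    goto discard_th;
                }
            }

            result = libspdm_hash_update(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_th,
                cert_chain_buffer_hash, hash_size);
            if (!result) {
                goto discard_th;
            }
        }
    }

    result = libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                                 spdm_session_info->session_transcript.digest_context_th,
                                 message,
                                 message_size);
    if (!result) {
        goto discard_th;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_th:
    /* Free the TH context and clear the pointer. Leaving the freed pointer in
     * place would let the next append hash into released memory and let
     * libspdm_reset_message_f() free it a second time. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_session_info->session_transcript.digest_context_th);
    spdm_session_info->session_transcript.digest_context_th = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}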
2129 :
/**
 * Append a message to the message EncapD buffer of the SPDM session context.
 *
 * Only the first message EncapD in the current session counts: once the buffer is
 * non-empty, later calls return success without appending anything.
 *
 * @param  spdm_context  A pointer to the SPDM context (not used here).
 * @param  session_info  A pointer to the SPDM session context. It is dereferenced
 *                       without a NULL check.
 * @param  is_requester  Not used here.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return LIBSPDM_STATUS_SUCCESS when message EncapD was already recorded,
 *         otherwise the status returned by libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_encap_d(libspdm_context_t *spdm_context,
                                                void *session_info,
                                                bool is_requester, const void *message,
                                                size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

    if (libspdm_get_managed_buffer_size(
            &spdm_session_info->session_transcript.message_encap_d) == 0) {
        return libspdm_append_managed_buffer(
            &spdm_session_info->session_transcript.message_encap_d, message,
            message_size);
    }

    /* Message EncapD is already recorded; ignore this one. */
    return LIBSPDM_STATUS_SUCCESS;
}
2147 :
/**
 * Append a message to transcript F (TH) of the SPDM session context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are appended to the
 * session's message_f buffer. Otherwise they are fed into the session's running TH
 * hash context (digest_context_th). On the first call (message_f_initialized is
 * false) the current TH state is duplicated into digest_context_th_backup for
 * libspdm_reset_message_f(), and for non-PSK sessions with mutual authentication
 * the context is extended with message EncapD (only when multi_key_conn_req is
 * set) and the hash of the mutual certificate chain or public key.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session context. It is dereferenced
 *                       without a NULL check.
 * @param  is_requester  true selects the local chain/key for the mutual hash,
 *                       false selects the peer's.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return The status of the buffer append in record mode; otherwise
 *         LIBSPDM_STATUS_SUCCESS, an error from libspdm_append_message_k(),
 *         LIBSPDM_STATUS_INVALID_STATE_LOCAL or LIBSPDM_STATUS_INVALID_STATE_PEER
 *         when the chain/key cannot be fetched, or LIBSPDM_STATUS_CRYPTO_ERROR when
 *         a hash operation fails.
 **/
libspdm_return_t libspdm_append_message_f(libspdm_context_t *spdm_context,
                                          void *session_info,
                                          bool is_requester, const void *message,
                                          size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(
        &spdm_session_info->session_transcript.message_f, message,
        message_size);
#else
    const uint8_t *mut_cert_chain_buffer;
    size_t mut_cert_chain_buffer_size;
    bool result;
    uint8_t mut_cert_chain_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    uint32_t hash_size;
    libspdm_return_t status;
    uint8_t slot_id;

    hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);

    if (!spdm_session_info->session_transcript.message_f_initialized) {
        /* digest_context_th might be NULL in unit test, where message_k is hardcoded. */
        if (spdm_session_info->session_transcript.digest_context_th == NULL) {
            status = libspdm_append_message_k(spdm_context, session_info, is_requester,
                                              NULL, 0);
            if (LIBSPDM_STATUS_IS_ERROR(status)) {
                return status;
            }
        }

        /* Mutual authentication: work out the hash of the requester-side chain/key.
         * Nothing is allocated yet, so these early returns need no cleanup. */
        if (!spdm_session_info->use_psk && (spdm_session_info->mut_auth_requested != 0)) {
            if (!is_requester) {
                slot_id = spdm_context->connection_info.peer_used_cert_chain_slot_id;
                /* NOTE(review): slot_id is range-checked by assertion only and is
                 * used as an array index below - confirm it is validated where it
                 * is set. */
                LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                if (slot_id != 0xFF) {
                    /* The peer chain hash is already cached per slot; reuse it. */
                    LIBSPDM_ASSERT(
                        hash_size ==
                        spdm_context->connection_info
                        .peer_used_cert_chain[slot_id].buffer_hash_size);

                    libspdm_copy_mem(mut_cert_chain_buffer_hash,
                                     sizeof(mut_cert_chain_buffer_hash),
                                     spdm_context->connection_info
                                     .peer_used_cert_chain[slot_id].buffer_hash,
                                     hash_size);
                } else {
                    /* Slot 0xFF: hash the peer public key buffer instead. */
                    result = libspdm_get_peer_public_key_buffer(
                        spdm_context,
                        (const void **)&mut_cert_chain_buffer,
                        &mut_cert_chain_buffer_size);
                    if (!result) {
                        return LIBSPDM_STATUS_INVALID_STATE_PEER;
                    }

                    result = libspdm_hash_all(
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        mut_cert_chain_buffer, mut_cert_chain_buffer_size,
                        mut_cert_chain_buffer_hash);
                    if (!result) {
                        return LIBSPDM_STATUS_CRYPTO_ERROR;
                    }
                }
            } else {
                slot_id = spdm_context->connection_info.local_used_cert_chain_slot_id;
                LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                result = (slot_id == 0xFF)
                         ? libspdm_get_local_public_key_buffer(
                    spdm_context,
                    (const void **)&mut_cert_chain_buffer,
                    &mut_cert_chain_buffer_size)
                         : libspdm_get_local_cert_chain_buffer(
                    spdm_context,
                    (const void **)&mut_cert_chain_buffer,
                    &mut_cert_chain_buffer_size);
                if (!result) {
                    return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
                }

                result = libspdm_hash_all(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    mut_cert_chain_buffer, mut_cert_chain_buffer_size,
                    mut_cert_chain_buffer_hash);
                if (!result) {
                    return LIBSPDM_STATUS_CRYPTO_ERROR;
                }
            }
        }

        /* First call: snapshot the current message K state. The snapshot is what
         * libspdm_reset_message_f() restores.
         * NOTE(review): if an earlier first-time call failed after this snapshot
         * was taken, digest_context_th_backup may still be set and is overwritten
         * here without being freed - confirm. */
        LIBSPDM_ASSERT(spdm_session_info->session_transcript.digest_context_th != NULL);
        spdm_session_info->session_transcript.digest_context_th_backup = libspdm_hash_new(
            spdm_context->connection_info.algorithm.base_hash_algo);
        if (spdm_session_info->session_transcript.digest_context_th_backup == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_duplicate(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_th,
                spdm_session_info->session_transcript.digest_context_th_backup)) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              spdm_session_info->session_transcript.digest_context_th_backup);
            spdm_session_info->session_transcript.digest_context_th_backup = NULL;
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
    }

    /* prepare digest_context_th */
    LIBSPDM_ASSERT(spdm_session_info->session_transcript.digest_context_th != NULL);
    if (!spdm_session_info->session_transcript.message_f_initialized &&
        !spdm_session_info->use_psk && (spdm_session_info->mut_auth_requested != 0)) {
        if (spdm_context->connection_info.multi_key_conn_req) {
            if (!libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_th,
                    libspdm_get_managed_buffer(
                        &spdm_session_info->session_transcript.message_encap_d),
                    libspdm_get_managed_buffer_size(
                        &spdm_session_info->session_transcript.message_encap_d))) {
                goto discard_th;
            }
        }

        if (!libspdm_hash_update(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_th,
                mut_cert_chain_buffer_hash, hash_size)) {
            goto discard_th;
        }
    }

    if (!libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                             spdm_session_info->session_transcript.digest_context_th,
                             message,
                             message_size)) {
        goto discard_th;
    }

    spdm_session_info->session_transcript.message_f_initialized = true;
    return LIBSPDM_STATUS_SUCCESS;

discard_th:
    /* Free the TH context and clear the pointer so no later call touches the
     * freed context. */
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_session_info->session_transcript.digest_context_th);
    spdm_session_info->session_transcript.digest_context_th = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
2312 :
/**
 * Append a message to the message_e transcript.
 *
 * When LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT is set, the raw bytes are appended to the
 * message_e managed buffer. Otherwise the bytes are folded into the running
 * digest_context_il1il2 hash, which is created on first use and seeded with message_a.
 *
 * The transcript lives in the session when session_info is not NULL, and in the SPDM
 * context otherwise.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session info, or NULL for the context transcript.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return In record mode, the status of libspdm_append_managed_buffer. In hash mode,
 *         LIBSPDM_STATUS_SUCCESS, or LIBSPDM_STATUS_CRYPTO_ERROR when a hash operation fails.
 **/
libspdm_return_t libspdm_append_message_e(libspdm_context_t *spdm_context, void *session_info,
                                          const void *message, size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (spdm_session_info != NULL) {
        return libspdm_append_managed_buffer(&spdm_session_info->session_transcript.message_e,
                                             message, message_size);
    }
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_e,
                                         message, message_size);
#else
    {
        bool hash_ok;

        if (spdm_session_info == NULL) {
            if (spdm_context->transcript.digest_context_il1il2 == NULL) {
                /* First append: create the digest and seed it with message_a. */
                spdm_context->transcript.digest_context_il1il2 = libspdm_hash_new (
                    spdm_context->connection_info.algorithm.base_hash_algo);
                if (spdm_context->transcript.digest_context_il1il2 == NULL) {
                    return LIBSPDM_STATUS_CRYPTO_ERROR;
                }
                hash_ok = libspdm_hash_init (
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_context->transcript.digest_context_il1il2);
                if (hash_ok) {
                    hash_ok = libspdm_hash_update (
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        spdm_context->transcript.digest_context_il1il2,
                        libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                        libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
                }
                if (!hash_ok) {
                    goto drop_context_digest;
                }
            }
            hash_ok = libspdm_hash_update (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_context->transcript.digest_context_il1il2, message, message_size);
            if (!hash_ok) {
                goto drop_context_digest;
            }
            return LIBSPDM_STATUS_SUCCESS;
        }

        if (spdm_session_info->session_transcript.digest_context_il1il2 == NULL) {
            /* First append in this session: create the digest and seed it with message_a. */
            spdm_session_info->session_transcript.digest_context_il1il2 = libspdm_hash_new (
                spdm_context->connection_info.algorithm.base_hash_algo);
            if (spdm_session_info->session_transcript.digest_context_il1il2 == NULL) {
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            hash_ok = libspdm_hash_init (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_il1il2);
            if (hash_ok) {
                hash_ok = libspdm_hash_update (
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_il1il2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
            }
            if (!hash_ok) {
                goto drop_session_digest;
            }
        }
        hash_ok = libspdm_hash_update (
            spdm_context->connection_info.algorithm.base_hash_algo,
            spdm_session_info->session_transcript.digest_context_il1il2,
            message, message_size);
        if (!hash_ok) {
            goto drop_session_digest;
        }
        return LIBSPDM_STATUS_SUCCESS;

        /* A failed digest is freed and cleared, so a later append would start a new digest
         * from message_a without the messages hashed so far.
         * NOTE(review): callers should treat the error as fatal for this transcript. */
drop_context_digest:
        libspdm_hash_free (spdm_context->connection_info.algorithm.base_hash_algo,
                           spdm_context->transcript.digest_context_il1il2);
        spdm_context->transcript.digest_context_il1il2 = NULL;
        return LIBSPDM_STATUS_CRYPTO_ERROR;

drop_session_digest:
        libspdm_hash_free (spdm_context->connection_info.algorithm.base_hash_algo,
                           spdm_session_info->session_transcript.digest_context_il1il2);
        spdm_session_info->session_transcript.digest_context_il1il2 = NULL;
        return LIBSPDM_STATUS_CRYPTO_ERROR;
    }
#endif
}
2413 :
/**
 * Append a message to the message_encap_e transcript.
 *
 * When LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT is set, the raw bytes are appended to the
 * message_encap_e managed buffer. Otherwise the bytes are folded into the running
 * digest_context_encap_il1il2 hash, which is created on first use and seeded with message_a.
 *
 * The transcript lives in the session when session_info is not NULL, and in the SPDM
 * context otherwise.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  A pointer to the SPDM session info, or NULL for the context transcript.
 * @param  message       The bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @return In record mode, the status of libspdm_append_managed_buffer. In hash mode,
 *         LIBSPDM_STATUS_SUCCESS, or LIBSPDM_STATUS_CRYPTO_ERROR when a hash operation fails.
 **/
libspdm_return_t libspdm_append_message_encap_e(libspdm_context_t *spdm_context, void *session_info,
                                                const void *message, size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (spdm_session_info != NULL) {
        return libspdm_append_managed_buffer(
            &spdm_session_info->session_transcript.message_encap_e, message, message_size);
    }
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_encap_e,
                                         message, message_size);
#else
    {
        bool hash_ok;

        if (spdm_session_info == NULL) {
            if (spdm_context->transcript.digest_context_encap_il1il2 == NULL) {
                /* First append: create the digest and seed it with message_a. */
                spdm_context->transcript.digest_context_encap_il1il2 = libspdm_hash_new (
                    spdm_context->connection_info.algorithm.base_hash_algo);
                if (spdm_context->transcript.digest_context_encap_il1il2 == NULL) {
                    return LIBSPDM_STATUS_CRYPTO_ERROR;
                }
                hash_ok = libspdm_hash_init (
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_context->transcript.digest_context_encap_il1il2);
                if (hash_ok) {
                    hash_ok = libspdm_hash_update (
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        spdm_context->transcript.digest_context_encap_il1il2,
                        libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                        libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
                }
                if (!hash_ok) {
                    goto drop_context_digest;
                }
            }
            hash_ok = libspdm_hash_update (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_context->transcript.digest_context_encap_il1il2,
                message,
                message_size);
            if (!hash_ok) {
                goto drop_context_digest;
            }
            return LIBSPDM_STATUS_SUCCESS;
        }

        if (spdm_session_info->session_transcript.digest_context_encap_il1il2 == NULL) {
            /* First append in this session: create the digest and seed it with message_a. */
            spdm_session_info->session_transcript.digest_context_encap_il1il2 =
                libspdm_hash_new (spdm_context->connection_info.algorithm.base_hash_algo);
            if (spdm_session_info->session_transcript.digest_context_encap_il1il2 == NULL) {
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            hash_ok = libspdm_hash_init (
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_encap_il1il2);
            if (hash_ok) {
                hash_ok = libspdm_hash_update (
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_encap_il1il2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
            }
            if (!hash_ok) {
                goto drop_session_digest;
            }
        }
        hash_ok = libspdm_hash_update (
            spdm_context->connection_info.algorithm.base_hash_algo,
            spdm_session_info->session_transcript.digest_context_encap_il1il2,
            message, message_size);
        if (!hash_ok) {
            goto drop_session_digest;
        }
        return LIBSPDM_STATUS_SUCCESS;

        /* A failed digest is freed and cleared, so a later append would start a new digest
         * from message_a without the messages hashed so far.
         * NOTE(review): callers should treat the error as fatal for this transcript. */
drop_context_digest:
        libspdm_hash_free (spdm_context->connection_info.algorithm.base_hash_algo,
                           spdm_context->transcript.digest_context_encap_il1il2);
        spdm_context->transcript.digest_context_encap_il1il2 = NULL;
        return LIBSPDM_STATUS_CRYPTO_ERROR;

drop_session_digest:
        libspdm_hash_free (spdm_context->connection_info.algorithm.base_hash_algo,
                           spdm_session_info->session_transcript.digest_context_encap_il1il2);
        spdm_session_info->session_transcript.digest_context_encap_il1il2 = NULL;
        return LIBSPDM_STATUS_CRYPTO_ERROR;
    }
#endif
}
/**
 * Report whether a given version is the one recorded for the connection by
 * GET_VERSION/VERSION.
 *
 * Only the single version stored in connection_info is compared; no list of
 * versions is consulted here.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  version       The SPDM version.
 *
 * @retval true   the version is supported.
 * @retval false  the version is not supported.
 **/
bool libspdm_is_version_supported(const libspdm_context_t *spdm_context, uint8_t version)
{
    /* The stored version number is shifted down before it is compared. */
    return version == (spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT);
}
2532 :
/**
 * Return the connection version negotiated by GET_VERSION/VERSION.
 *
 * The stored version number is shifted right by SPDM_VERSION_NUMBER_SHIFT_BIT and the result
 * is narrowed to uint8_t.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 *
 * @return the connection version.
 **/
uint8_t libspdm_get_connection_version(const libspdm_context_t *spdm_context)
{
    const uint8_t connection_version =
        (uint8_t)(spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT);

    return connection_version;
}
2544 :
/**
 * Report whether capability flags are supported in the current SPDM connection.
 *
 * The requester flags are taken from the local context when is_requester is true and from the
 * connection info otherwise; the responder flags are taken from the other of the two.
 *
 * A flag argument of 0 means "do not check this side". A non-zero argument is satisfied when
 * ANY of its bits is set on that side, so a multi-bit mask does not require every bit. Callers
 * that need all bits present have to test them one at a time.
 *
 * @param  spdm_context                 A pointer to the SPDM context.
 * @param  is_requester                 Is the function called from a requester.
 * @param  requester_capabilities_flag  The requester capabilities flag to be checked.
 * @param  responder_capabilities_flag  The responder capabilities flag to be checked.
 *
 * @retval true   the capabilities flag is supported.
 * @retval false  the capabilities flag is not supported.
 **/
bool libspdm_is_capabilities_flag_supported(const libspdm_context_t *spdm_context,
                                            bool is_requester,
                                            uint32_t requester_capabilities_flag,
                                            uint32_t responder_capabilities_flag)
{
    const uint32_t local_flags = spdm_context->local_context.capability.flags;
    const uint32_t peer_flags = spdm_context->connection_info.capability.flags;
    const uint32_t requester_flags = is_requester ? local_flags : peer_flags;
    const uint32_t responder_flags = is_requester ? peer_flags : local_flags;

    if ((requester_capabilities_flag != 0) &&
        ((requester_flags & requester_capabilities_flag) == 0)) {
        return false;
    }

    if ((responder_capabilities_flag != 0) &&
        ((responder_flags & responder_capabilities_flag) == 0)) {
        return false;
    }

    return true;
}
2583 :
/**
 * Report whether extended capability flags are supported in the current SPDM connection.
 *
 * The requester flags are taken from the local context when is_requester is true and from the
 * connection info otherwise; the responder flags are taken from the other of the two.
 *
 * A flag argument of 0 means "do not check this side". A non-zero argument is satisfied when
 * ANY of its bits is set on that side, so a multi-bit mask does not require every bit.
 *
 * @param  spdm_context                     A pointer to the SPDM context.
 * @param  is_requester                     Is the function called from a requester.
 * @param  requester_capabilities_ext_flag  The requester capabilities extended flag to be checked.
 * @param  responder_capabilities_ext_flag  The responder capabilities extended flag to be checked.
 *
 * @retval true   the capabilities extended flag is supported.
 * @retval false  the capabilities extended flag is not supported.
 **/
bool libspdm_is_capabilities_ext_flag_supported(const libspdm_context_t *spdm_context,
                                                bool is_requester,
                                                uint16_t requester_capabilities_ext_flag,
                                                uint16_t responder_capabilities_ext_flag)
{
    const uint16_t local_ext_flags = spdm_context->local_context.capability.ext_flags;
    const uint16_t peer_ext_flags = spdm_context->connection_info.capability.ext_flags;
    const uint16_t requester_ext_flags = is_requester ? local_ext_flags : peer_ext_flags;
    const uint16_t responder_ext_flags = is_requester ? peer_ext_flags : local_ext_flags;

    if ((requester_capabilities_ext_flag != 0) &&
        ((requester_ext_flags & requester_capabilities_ext_flag) == 0)) {
        return false;
    }

    if ((responder_capabilities_ext_flag != 0) &&
        ((responder_ext_flags & responder_capabilities_ext_flag) == 0)) {
        return false;
    }

    return true;
}
2622 :
/**
 * Report whether encapsulated requests are supported on the current connection.
 *
 * SPDM 1.0 always yields false. SPDM 1.2 accepts ENCAP_CAP or MUT_AUTH_CAP on each side.
 * Every other version requires ENCAP_CAP on both sides.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 *
 * @retval true   encapsulated requests are supported.
 * @retval false  encapsulated requests are not supported.
 **/
bool libspdm_is_encap_supported(const libspdm_context_t *spdm_context)
{
    const bool is_requester = spdm_context->local_context.is_requester;

    switch (libspdm_get_connection_version(spdm_context)) {
    case SPDM_MESSAGE_VERSION_10:
        return false;

    case SPDM_MESSAGE_VERSION_12: {
        /* ENCAP_CAP was erroneously deprecated in SPDM 1.2.0 and 1.2.1, and MUT_AUTH_CAP
         * was used in its place. In SPDM 1.2.2 and later ENCAP_CAP is undeprecated. Since
         * UpdateVersionNumber must be ignored when checking interoperability libspdm will check
         * if ENCAP_CAP or MUT_AUTH_CAP is set. */
        const bool req_has_encap = libspdm_is_capabilities_flag_supported(
            spdm_context, is_requester,
            SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP, 0);
        const bool req_has_mut_auth = libspdm_is_capabilities_flag_supported(
            spdm_context, is_requester,
            SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP, 0);
        const bool rsp_has_encap = libspdm_is_capabilities_flag_supported(
            spdm_context, is_requester,
            0, SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP);
        const bool rsp_has_mut_auth = libspdm_is_capabilities_flag_supported(
            spdm_context, is_requester,
            0, SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP);
        const bool requester_side_ok = req_has_encap || req_has_mut_auth;
        const bool responder_side_ok = rsp_has_encap || rsp_has_mut_auth;

        return requester_side_ok && responder_side_ok;
    }

    default:
        /* For SPDM 1.1 and 1.3 and later only check ENCAP_CAP. */
        return libspdm_is_capabilities_flag_supported(
            spdm_context, is_requester,
            SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP,
            SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP);
    }
}
2655 :
/**
 * Register SPDM device input/output functions.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * The callbacks are stored as given; neither the context nor the callbacks are checked
 * against NULL here.
 *
 * @param  spdm_context     A pointer to the SPDM context.
 * @param  send_message     The function to send an SPDM transport layer message.
 * @param  receive_message  The function to receive an SPDM transport layer message.
 **/
void libspdm_register_device_io_func(
    void *spdm_context, libspdm_device_send_message_func send_message,
    libspdm_device_receive_message_func receive_message)
{
    libspdm_context_t *ctx = spdm_context;

    ctx->receive_message = receive_message;
    ctx->send_message = send_message;
}
2675 :
/**
 * Register SPDM device buffer management functions.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * The sender_buffer_size and receiver_buffer_size must be no smaller than
 * MAX (non-secure Transport Message Header Size +
 *          SPDM_CAPABILITIES.DataTransferSize +
 *          max alignment pad size (transport specific),
 *      secure Transport Message Header Size +
 *          sizeof(spdm_secured_message_a_data_header1_t) +
 *          length of sequence_number (transport specific) +
 *          sizeof(spdm_secured_message_a_data_header2_t) +
 *          sizeof(spdm_secured_message_cipher_header_t) +
 *          App Message Header Size (transport specific) +
 *          SPDM_CAPABILITIES.DataTransferSize +
 *          maximum random data size (transport specific) +
 *          AEAD MAC size (16) +
 *          max alignment pad size (transport specific)).
 *
 * Finally, the SPDM_CAPABILITIES.DataTransferSize will be calculated based upon it.
 *
 * For MCTP,
 *     Transport Message Header Size = sizeof(mctp_message_header_t)
 *     length of sequence_number = 2
 *     App Message Header Size = sizeof(mctp_message_header_t)
 *     maximum random data size = MCTP_MAX_RANDOM_NUMBER_COUNT
 *     max alignment pad size = 0
 * For PCI_DOE,
 *     Transport Message Header Size = sizeof(pci_doe_data_object_header_t)
 *     length of sequence_number = 0
 *     App Message Header Size = 0
 *     maximum random data size = 0
 *     max alignment pad size = 3
 *
 * The sizes are validated with LIBSPDM_ASSERT only and the function cannot report an error.
 * NOTE(review): if LIBSPDM_ASSERT is compiled out, a buffer smaller than the transport header
 * plus tail makes the unsigned subtraction wrap and stores a very large data transfer size.
 * Integrators should validate both sizes before calling.
 *
 * @param  spdm_context             A pointer to the SPDM context.
 * @param  sender_buffer_size       Size in bytes of the sender buffer.
 * @param  receiver_buffer_size     Size in bytes of the receiver buffer.
 * @param  acquire_sender_buffer    The function to acquire transport layer sender buffer.
 * @param  release_sender_buffer    The function to release transport layer sender buffer.
 * @param  acquire_receiver_buffer  The function to acquire transport layer receiver buffer.
 * @param  release_receiver_buffer  The function to release transport layer receiver buffer.
 **/
void libspdm_register_device_buffer_func(
    void *spdm_context,
    uint32_t sender_buffer_size,
    uint32_t receiver_buffer_size,
    libspdm_device_acquire_sender_buffer_func acquire_sender_buffer,
    libspdm_device_release_sender_buffer_func release_sender_buffer,
    libspdm_device_acquire_receiver_buffer_func acquire_receiver_buffer,
    libspdm_device_release_receiver_buffer_func release_receiver_buffer)
{
    libspdm_context_t *ctx = spdm_context;

    /* Record the buffer callbacks. */
    ctx->acquire_sender_buffer = acquire_sender_buffer;
    ctx->release_sender_buffer = release_sender_buffer;
    ctx->acquire_receiver_buffer = acquire_receiver_buffer;
    ctx->release_receiver_buffer = release_receiver_buffer;

    /* Record the full transport buffer sizes before the overhead is taken off below. */
    ctx->sender_buffer_size = sender_buffer_size;
    ctx->receiver_buffer_size = receiver_buffer_size;

    /* Sender side: what is left after the transport header and tail is the payload size. */
    LIBSPDM_ASSERT (sender_buffer_size >=
                    ctx->local_context.capability.transport_header_size +
                    ctx->local_context.capability.transport_tail_size);
    sender_buffer_size = sender_buffer_size -
                         (ctx->local_context.capability.transport_header_size +
                          ctx->local_context.capability.transport_tail_size);
    LIBSPDM_ASSERT (sender_buffer_size >= SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12);
    ctx->local_context.capability.sender_data_transfer_size = sender_buffer_size;

    /* Receiver side: same computation, stored as the local data_transfer_size. */
    LIBSPDM_ASSERT(receiver_buffer_size >=
                   ctx->local_context.capability.transport_header_size +
                   ctx->local_context.capability.transport_tail_size);
    receiver_buffer_size = receiver_buffer_size -
                           (ctx->local_context.capability.transport_header_size +
                            ctx->local_context.capability.transport_tail_size);
    LIBSPDM_ASSERT (receiver_buffer_size >= SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12);
    ctx->local_context.capability.data_transfer_size = receiver_buffer_size;
}
2754 :
/**
 * Register SPDM transport layer encode/decode functions for SPDM or APP messages.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * If a data transfer size was stored earlier and still equals the full buffer size, it is
 * reduced here by the transport header and tail sizes.
 * NOTE(review): that subtraction is not range checked; a header plus tail larger than the
 * registered buffer size would wrap. Confirm callers always pass consistent sizes.
 *
 * @param  spdm_context              A pointer to the SPDM context.
 * @param  max_spdm_msg_size         Stored as the local max_spdm_msg_size capability.
 * @param  transport_header_size     Size in bytes of the transport header.
 * @param  transport_tail_size       Size in bytes of the transport tail.
 * @param  transport_encode_message  The function to encode an SPDM or APP message to a transport layer message.
 * @param  transport_decode_message  The function to decode an SPDM or APP message from a transport layer message.
 **/
void libspdm_register_transport_layer_func(
    void *spdm_context,
    uint32_t max_spdm_msg_size,
    uint32_t transport_header_size,
    uint32_t transport_tail_size,
    libspdm_transport_encode_message_func transport_encode_message,
    libspdm_transport_decode_message_func transport_decode_message)
{
    libspdm_context_t *ctx = spdm_context;
    const uint32_t transport_overhead = transport_header_size + transport_tail_size;

    /* fix the data_transfer_size if it is set before */
    if (ctx->local_context.capability.data_transfer_size != 0) {
        if (ctx->local_context.capability.data_transfer_size == ctx->receiver_buffer_size) {
            ctx->local_context.capability.data_transfer_size =
                (uint32_t)(ctx->receiver_buffer_size - transport_overhead);
        }
    }
    if (ctx->local_context.capability.sender_data_transfer_size != 0) {
        if (ctx->local_context.capability.sender_data_transfer_size ==
            ctx->sender_buffer_size) {
            ctx->local_context.capability.sender_data_transfer_size =
                (uint32_t)(ctx->sender_buffer_size - transport_overhead);
        }
    }

    ctx->transport_encode_message = transport_encode_message;
    ctx->transport_decode_message = transport_decode_message;
    ctx->local_context.capability.max_spdm_msg_size = max_spdm_msg_size;
    ctx->local_context.capability.transport_header_size = transport_header_size;
    ctx->local_context.capability.transport_tail_size = transport_tail_size;
}
2798 :
/**
 * Register SPDM certificate verification functions for SPDM GET_CERTIFICATE in requester or responder.
 * It is called after GET_CERTIFICATE gets a full certificate chain from peer.
 *
 * If it is NOT registered, the default verification in SPDM lib will be used. It verifies:
 * 1) The integrity of the certificate chain, (Root Cert Hash->Root Cert->Cert Chain), according to X.509.
 * 2) The trust anchor, according to LIBSPDM_DATA_PEER_PUBLIC_ROOT_CERT or LIBSPDM_DATA_PEER_PUBLIC_CERT_CHAIN.
 * If it is registered, SPDM lib will use this function to verify the certificate.
 *
 * Because a registered function is used in place of the default verification, it has to
 * perform the chain integrity and trust anchor checks itself.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * @param  spdm_context            A pointer to the SPDM context.
 * @param  verify_spdm_cert_chain  The function to verify an SPDM certificate after GET_CERTIFICATE.
 **/
void libspdm_register_verify_spdm_cert_chain_func(
    void *spdm_context,
    const libspdm_verify_spdm_cert_chain_func verify_spdm_cert_chain)
{
    libspdm_context_t *ctx = spdm_context;

    ctx->local_context.verify_peer_spdm_cert_chain = verify_spdm_cert_chain;
}
2822 :
/**
 * Get the size of required scratch buffer.
 *
 * The SPDM Integrator must call libspdm_get_sizeof_required_scratch_buffer to get the size,
 * then allocate enough scratch buffer and call libspdm_set_scratch_buffer().
 *
 * max_spdm_msg_size must already be non-zero in the local capability; this is asserted.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 *
 * @return the size of required scratch buffer.
 **/
size_t libspdm_get_sizeof_required_scratch_buffer (void *spdm_context)
{
    libspdm_context_t *ctx = spdm_context;

    LIBSPDM_ASSERT (ctx->local_context.capability.max_spdm_msg_size != 0);

    return libspdm_get_scratch_buffer_capacity(ctx);
}
2844 :
/**
 * Set the scratch buffer.
 *
 * This function must be called after libspdm_init_context, and before any SPDM communication.
 *
 * The buffer size is compared with the required capacity through LIBSPDM_ASSERT only.
 * NOTE(review): if LIBSPDM_ASSERT is compiled out, an undersized buffer is accepted and the
 * internal pointers derived below may point past its end. Integrators should size the buffer
 * with libspdm_get_sizeof_required_scratch_buffer.
 *
 * @param  spdm_context         A pointer to the SPDM context.
 * @param  scratch_buffer       Buffer address of the scratch buffer.
 * @param  scratch_buffer_size  Size of the scratch buffer.
 *
 **/
void libspdm_set_scratch_buffer (
    void *spdm_context,
    void *scratch_buffer,
    size_t scratch_buffer_size)
{
    libspdm_context_t *ctx = spdm_context;
    uint8_t *scratch_base = (uint8_t *)scratch_buffer;

    LIBSPDM_ASSERT (ctx->local_context.capability.max_spdm_msg_size != 0);
    LIBSPDM_ASSERT (scratch_buffer_size >= libspdm_get_scratch_buffer_capacity(ctx));

    ctx->scratch_buffer_size = scratch_buffer_size;
    ctx->scratch_buffer = scratch_buffer;

    /* The internal state regions are located at fixed offsets inside the scratch buffer. */
    ctx->last_spdm_request =
        scratch_base + libspdm_get_scratch_buffer_last_spdm_request_offset(ctx);
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    ctx->cache_spdm_request =
        scratch_base + libspdm_get_scratch_buffer_cache_spdm_request_offset(ctx);
#endif
}
2874 :
/**
 * Get the scratch buffer.
 *
 * The reported size excludes the trailing sections that libspdm keeps for its own state
 * tracking, so it is smaller than the size passed to libspdm_set_scratch_buffer.
 *
 * @param  spdm_context         A pointer to the SPDM context.
 * @param  scratch_buffer       On return, the buffer address of the scratch buffer.
 * @param  scratch_buffer_size  On return, the usable size of the scratch buffer.
 *
 **/
void libspdm_get_scratch_buffer (
    void *spdm_context,
    void **scratch_buffer,
    size_t *scratch_buffer_size)
{
    libspdm_context_t *ctx = spdm_context;
    size_t usable_size;

    LIBSPDM_ASSERT (ctx->scratch_buffer != NULL);
    LIBSPDM_ASSERT (ctx->scratch_buffer_size >=
                    libspdm_get_scratch_buffer_capacity(ctx));

    /* need to remove last 2 sections, because they are for libspdm internal state track.
     * The subtraction relies on the capacity assertion above to stay in range. */
    usable_size = ctx->scratch_buffer_size;
    usable_size -= libspdm_get_scratch_buffer_last_spdm_request_capacity(ctx);
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    usable_size -= libspdm_get_scratch_buffer_cache_spdm_request_capacity(ctx);
#endif

    *scratch_buffer = ctx->scratch_buffer;
    *scratch_buffer_size = usable_size;
}
2902 :
/**
 * Acquire the transport layer sender buffer through the registered callback.
 *
 * The buffer returned by the callback is remembered in the context until
 * libspdm_release_sender_buffer is called. When LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP is set,
 * the caller is handed a region of the scratch buffer instead of the transport buffer.
 * NOTE(review): the scratch buffer pointer is not checked here; presumably
 * libspdm_set_scratch_buffer has been called before. Confirm at the call sites.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  max_msg_size  On success, the size in bytes of the buffer in msg_buf_ptr.
 * @param  msg_buf_ptr   On success, the buffer in which the message is to be built.
 *
 * @return LIBSPDM_STATUS_SUCCESS, or the status returned by the acquire callback.
 **/
libspdm_return_t libspdm_acquire_sender_buffer (
    libspdm_context_t *spdm_context, size_t *max_msg_size, void **msg_buf_ptr)
{
    libspdm_return_t acquire_status;

    LIBSPDM_ASSERT (spdm_context->sender_buffer == NULL);
    LIBSPDM_ASSERT (spdm_context->sender_buffer_size != 0);

    acquire_status = spdm_context->acquire_sender_buffer (spdm_context, msg_buf_ptr);
    if (acquire_status != LIBSPDM_STATUS_SUCCESS) {
        return acquire_status;
    }

    /* Keep the transport buffer so that it can be handed back on release. */
    spdm_context->sender_buffer = *msg_buf_ptr;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    /* it return scratch buffer, because the requester need build message there.*/
    *msg_buf_ptr = (uint8_t *)spdm_context->scratch_buffer +
                   libspdm_get_scratch_buffer_large_sender_receiver_offset(spdm_context);
    *max_msg_size = libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#else
    *max_msg_size = spdm_context->sender_buffer_size;
#endif
    return LIBSPDM_STATUS_SUCCESS;
}
2924 :
/**
 * Release the sender buffer held by the context through the registered callback.
 *
 * The stored pointer is cleared afterwards; a buffer must currently be held (asserted).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 **/
void libspdm_release_sender_buffer (libspdm_context_t *spdm_context)
{
    LIBSPDM_ASSERT(spdm_context->sender_buffer != NULL);
    LIBSPDM_ASSERT(spdm_context->sender_buffer_size != 0);

    /* Hand the buffer back to the integrator, then forget it. */
    spdm_context->release_sender_buffer (spdm_context, spdm_context->sender_buffer);
    spdm_context->sender_buffer = NULL;
}
2933 :
/**
 * Get the sender buffer.
 *
 * The pointer is returned as stored in the context; no check is made that a buffer is
 * currently held.
 *
 * @param  spdm_context        A pointer to the SPDM context.
 * @param  sender_buffer       On return, the buffer address of the sender buffer.
 * @param  sender_buffer_size  On return, the size of the sender buffer.
 *
 **/
void libspdm_get_sender_buffer (
    libspdm_context_t *spdm_context,
    void **sender_buffer,
    size_t *sender_buffer_size)
{
    *sender_buffer_size = spdm_context->sender_buffer_size;
    *sender_buffer = spdm_context->sender_buffer;
}
2950 :
/**
 * Acquire the transport layer receiver buffer through the registered callback.
 *
 * The buffer returned by the callback is remembered in the context until
 * libspdm_release_receiver_buffer is called. When LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP is set,
 * the caller is handed a region of the scratch buffer instead of the transport buffer.
 * NOTE(review): the scratch buffer pointer is not checked here; presumably
 * libspdm_set_scratch_buffer has been called before. Confirm at the call sites.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  max_msg_size  On success, the size in bytes of the buffer in msg_buf_ptr.
 * @param  msg_buf_ptr   On success, the buffer handed to the caller.
 *
 * @return LIBSPDM_STATUS_SUCCESS, or the status returned by the acquire callback.
 **/
libspdm_return_t libspdm_acquire_receiver_buffer (
    libspdm_context_t *spdm_context, size_t *max_msg_size, void **msg_buf_ptr)
{
    libspdm_return_t acquire_status;

    LIBSPDM_ASSERT (spdm_context->receiver_buffer == NULL);
    LIBSPDM_ASSERT (spdm_context->receiver_buffer_size != 0);

    acquire_status = spdm_context->acquire_receiver_buffer (spdm_context, msg_buf_ptr);
    if (acquire_status != LIBSPDM_STATUS_SUCCESS) {
        return acquire_status;
    }

    /* Keep the transport buffer so that it can be handed back on release. */
    spdm_context->receiver_buffer = *msg_buf_ptr;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    /* it return scratch buffer, because the requester need build message there.*/
    *msg_buf_ptr = (uint8_t *)spdm_context->scratch_buffer +
                   libspdm_get_scratch_buffer_large_sender_receiver_offset(spdm_context);
    *max_msg_size = libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#else
    *max_msg_size = spdm_context->receiver_buffer_size;
#endif
    return LIBSPDM_STATUS_SUCCESS;
}
2972 :
/**
 * Return the receiver buffer to the integrator and clear the pointer cached in the context.
 *
 * The registered release_receiver_buffer callback receives the pointer that
 * libspdm_acquire_receiver_buffer() recorded in spdm_context->receiver_buffer.
 * The field is then set to NULL so that no stale pointer remains in the context.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 **/
void libspdm_release_receiver_buffer (libspdm_context_t *spdm_context)
{
    /* A buffer must currently be held, and a non-zero size must have been registered. */
    LIBSPDM_ASSERT(spdm_context->receiver_buffer != NULL);
    LIBSPDM_ASSERT(spdm_context->receiver_buffer_size != 0);

    spdm_context->release_receiver_buffer (spdm_context,
                                           spdm_context->receiver_buffer);

    /* Drop the reference only after the callback has seen it. */
    spdm_context->receiver_buffer = NULL;
}
2981 :
/**
 * Report the receiver buffer currently recorded in the SPDM context.
 *
 * The two values are copied straight from the context without validation and
 * no ownership is transferred. After libspdm_release_receiver_buffer() the
 * recorded pointer is NULL, so callers must check it before use.
 *
 * @param  spdm_context          A pointer to the SPDM context.
 * @param  receiver_buffer       On return, the address of the receiver buffer.
 * @param  receiver_buffer_size  On return, the size of the receiver buffer.
 **/
void libspdm_get_receiver_buffer (
    libspdm_context_t *spdm_context,
    void **receiver_buffer,
    size_t *receiver_buffer_size)
{
    *receiver_buffer_size = spdm_context->receiver_buffer_size;
    *receiver_buffer = spdm_context->receiver_buffer;
}
2998 :
/**
 * Copy the last SPDM error struct out of an SPDM context.
 *
 * Neither pointer is checked for NULL; the caller must pass valid objects.
 *
 * @param  spdm_context     A pointer to the SPDM context.
 * @param  last_spdm_error  Receives a copy of the context's last SPDM error struct.
 */
void libspdm_get_last_spdm_error_struct(void *spdm_context, libspdm_error_struct_t *last_spdm_error)
{
    libspdm_context_t *typed_context;

    typed_context = spdm_context;

    /* Destination and source are both exactly one libspdm_error_struct_t. */
    libspdm_copy_mem(last_spdm_error, sizeof(*last_spdm_error),
                     &typed_context->last_spdm_error, sizeof(*last_spdm_error));
}
3013 :
/**
 * Store a copy of an SPDM error struct as the last error of an SPDM context.
 *
 * Neither pointer is checked for NULL; the caller must pass valid objects.
 *
 * @param  spdm_context     A pointer to the SPDM context.
 * @param  last_spdm_error  The error struct to copy into the context.
 */
void libspdm_set_last_spdm_error_struct(void *spdm_context, libspdm_error_struct_t *last_spdm_error)
{
    libspdm_context_t *typed_context;

    typed_context = spdm_context;

    /* The destination size is taken from the context field itself. */
    libspdm_copy_mem(&typed_context->last_spdm_error,
                     sizeof(typed_context->last_spdm_error),
                     last_spdm_error,
                     sizeof(*last_spdm_error));
}
3028 :
3029 : #if LIBSPDM_FIPS_MODE
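/**
 * Initialize a FIPS self-test context and attach the integrator-provided work buffer.
 *
 * The parameter contract was previously enforced only by LIBSPDM_ASSERT. Those
 * checks disappear when asserts are disabled, in which case an undersized or
 * NULL buffer would be recorded and later used by the self-tests. The same
 * conditions are therefore also rejected at run time.
 *
 * @param[in,out] fips_selftest_context  Memory of at least
 *                                       libspdm_get_fips_selftest_context_size() bytes.
 * @param[in]     buffer_size            Size in bytes of buffer; must be at least
 *                                       LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE.
 * @param[in]     buffer                 Buffer for large intermediate results. It must not
 *                                       be NULL when buffer_size is non-zero. Only the
 *                                       pointer is stored, so the buffer must outlive the context.
 *
 * @retval LIBSPDM_STATUS_SUCCESS            The context was initialized.
 * @retval LIBSPDM_STATUS_INVALID_PARAMETER  fips_selftest_context is NULL, buffer_size is
 *                                           below the required size, or buffer is NULL
 *                                           while buffer_size is non-zero.
 **/
libspdm_return_t libspdm_init_fips_selftest_context(void *fips_selftest_context,
                                                    size_t buffer_size,
                                                    void *buffer)
{
    libspdm_fips_selftest_context_t *context;
    size_t required_size;

    /* Held in a variable so the comparison below is not a compile-time tautology
     * in configurations where the required size is 0. */
    required_size = LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE;

    LIBSPDM_ASSERT(fips_selftest_context != NULL);
    LIBSPDM_ASSERT(buffer_size >= LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE);
    if (buffer_size > 0) {
        LIBSPDM_ASSERT(buffer != NULL);
    }

    /* Run-time enforcement of the same contract for builds without asserts. */
    if (fips_selftest_context == NULL) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }
    if (buffer_size < required_size) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }
    if ((buffer_size > 0) && (buffer == NULL)) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }

    context = fips_selftest_context;

    /* No algorithm has been tested yet. */
    context->tested_algo = 0;
    /* The self-test result starts as false for every algorithm. */
    context->self_test_result = 0;
    /* The buffer provided by the integrator to hold large intermediate results. */
    context->selftest_buffer_size = buffer_size;
    context->selftest_buffer = buffer;

    return LIBSPDM_STATUS_SUCCESS;
}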
3053 :
/**
 * Return the size in bytes of the fips_selftest_context.
 *
 * Integrators use this value to size the memory they pass to the FIPS self-test
 * context functions. The import and export helpers in this file reject any other size.
 *
 * @return the size in bytes of libspdm_fips_selftest_context_t.
 **/
size_t libspdm_get_fips_selftest_context_size(void)
{
    return sizeof(libspdm_fips_selftest_context_t);
}
3066 :
/**
 * Return the work-buffer size that the FIPS self-tests require.
 *
 * This is the minimum buffer_size that libspdm_init_fips_selftest_context() expects.
 *
 * @return LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE, in bytes.
 */
size_t libspdm_get_fips_selftest_buffer_size(void)
{
    size_t required_size;

    required_size = LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE;
    return required_size;
}
3076 :
/**
 * Import a fips_selftest_context into an spdm_context.
 *
 * The whole struct is copied by value, including its selftest_buffer pointer, so the
 * imported context refers to the same work buffer as the source.
 *
 * @param[in,out] spdm_context                A pointer to the spdm_context.
 * @param[in]     fips_selftest_context       A pointer to the fips_selftest_context.
 * @param[in]     fips_selftest_context_size  The size of fips_selftest_context.
 *
 * @retval true   The fips_selftest_context was imported.
 * @retval false  spdm_context or fips_selftest_context is NULL, or
 *                fips_selftest_context_size is not sizeof(libspdm_fips_selftest_context_t).
 */
bool libspdm_import_fips_selftest_context_to_spdm_context(void *spdm_context,
                                                          void *fips_selftest_context,
                                                          size_t fips_selftest_context_size)
{
    libspdm_context_t *dst_context;
    libspdm_fips_selftest_context_t *src_selftest;

    dst_context = spdm_context;
    src_selftest = fips_selftest_context;

    /* Reject missing objects and any size other than the exact struct size. */
    if ((dst_context == NULL) || (src_selftest == NULL) ||
        (fips_selftest_context_size != sizeof(libspdm_fips_selftest_context_t))) {
        return false;
    }

    libspdm_copy_mem(&(dst_context->fips_selftest_context),
                     sizeof(libspdm_fips_selftest_context_t),
                     src_selftest,
                     sizeof(libspdm_fips_selftest_context_t));
    return true;
}
3109 :
/**
 * Export the fips_selftest_context held inside an spdm_context.
 *
 * The whole struct is copied by value, including its selftest_buffer pointer, so the
 * exported copy refers to the same work buffer as the context.
 *
 * @param[in]     spdm_context                A pointer to the spdm_context.
 * @param[in,out] fips_selftest_context       A pointer to the fips_selftest_context.
 * @param[in]     fips_selftest_context_size  The size of fips_selftest_context.
 *
 * @retval true   The fips_selftest_context was exported.
 * @retval false  spdm_context or fips_selftest_context is NULL, or
 *                fips_selftest_context_size is not sizeof(libspdm_fips_selftest_context_t).
 */
bool libspdm_export_fips_selftest_context_from_spdm_context(void *spdm_context,
                                                            void *fips_selftest_context,
                                                            size_t fips_selftest_context_size)
{
    libspdm_context_t *src_context;
    libspdm_fips_selftest_context_t *dst_selftest;

    src_context = spdm_context;
    dst_selftest = fips_selftest_context;

    /* Reject missing objects and any size other than the exact struct size. */
    if ((src_context == NULL) || (dst_selftest == NULL) ||
        (fips_selftest_context_size != sizeof(libspdm_fips_selftest_context_t))) {
        return false;
    }

    libspdm_copy_mem(dst_selftest,
                     sizeof(libspdm_fips_selftest_context_t),
                     &(src_context->fips_selftest_context),
                     sizeof(libspdm_fips_selftest_context_t));
    return true;
}
3143 :
3144 : #endif /* LIBSPDM_FIPS_MODE */
3145 :
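/**
 * Initialize an SPDM context using caller-supplied secured message contexts.
 *
 * The context is zeroed, its defaults are set, and each session slot is bound to one
 * entry of secured_contexts, which is then initialized.
 *
 * The parameter contract was previously enforced only by LIBSPDM_ASSERT. With asserts
 * disabled, a num_secured_contexts larger than LIBSPDM_MAX_SESSION_COUNT would index
 * session_info[] beyond the bound this file uses for it everywhere else. The arguments
 * are therefore also validated at run time, before the context is modified.
 *
 * @param[out] spdm_context          A pointer to the SPDM context to initialize.
 * @param[in]  secured_contexts      Array of pointers to secured message contexts,
 *                                   one per session slot; no entry may be NULL.
 * @param[in]  num_secured_contexts  Number of entries in secured_contexts; must equal
 *                                   LIBSPDM_MAX_SESSION_COUNT.
 *
 * @retval LIBSPDM_STATUS_SUCCESS            The context was initialized.
 * @retval LIBSPDM_STATUS_INVALID_PARAMETER  spdm_context or secured_contexts is NULL,
 *                                           num_secured_contexts is not
 *                                           LIBSPDM_MAX_SESSION_COUNT, or an entry is NULL.
 *                                           The context is left untouched in this case.
 **/
libspdm_return_t libspdm_init_context_with_secured_context(void *spdm_context,
                                                           void **secured_contexts,
                                                           size_t num_secured_contexts)
{
    libspdm_context_t *context;
    size_t index;

    LIBSPDM_ASSERT(spdm_context != NULL);
    LIBSPDM_ASSERT(secured_contexts != NULL);
    LIBSPDM_ASSERT(num_secured_contexts == LIBSPDM_MAX_SESSION_COUNT);

    /* Run-time enforcement of the same contract for builds without asserts. */
    if ((spdm_context == NULL) || (secured_contexts == NULL)) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }
    if (num_secured_contexts != LIBSPDM_MAX_SESSION_COUNT) {
        /* Guards the session_info[index] writes below. */
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }
    /* Validate every entry first so a bad array never leaves a half-built context. */
    for (index = 0; index < num_secured_contexts; index++) {
        if (secured_contexts[index] == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
    }

    context = spdm_context;
    libspdm_zero_mem(context, sizeof(libspdm_context_t));
    context->version = LIBSPDM_CONTEXT_STRUCT_VERSION;

    /* Each transcript buffer records its own capacity for later bounds checks. */
    context->transcript.message_a.max_buffer_size =
        sizeof(context->transcript.message_a.buffer);
    context->transcript.message_d.max_buffer_size =
        sizeof(context->transcript.message_d.buffer);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->transcript.message_b.max_buffer_size =
        sizeof(context->transcript.message_b.buffer);
    context->transcript.message_c.max_buffer_size =
        sizeof(context->transcript.message_c.buffer);
    context->transcript.message_mut_b.max_buffer_size =
        sizeof(context->transcript.message_mut_b.buffer);
    context->transcript.message_mut_c.max_buffer_size =
        sizeof(context->transcript.message_mut_c.buffer);
    context->transcript.message_m.max_buffer_size =
        sizeof(context->transcript.message_m.buffer);
    context->transcript.message_e.max_buffer_size =
        sizeof(context->transcript.message_e.buffer);
    context->transcript.message_encap_e.max_buffer_size =
        sizeof(context->transcript.message_encap_e.buffer);
#endif
    context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;

    /* Default local SPDM versions. */
    context->local_context.version.spdm_version_count = SPDM_MAX_VERSION_COUNT;
    context->local_context.version.spdm_version[0] = SPDM_MESSAGE_VERSION_10 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[1] = SPDM_MESSAGE_VERSION_11 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[2] = SPDM_MESSAGE_VERSION_12 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[3] = SPDM_MESSAGE_VERSION_13 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[4] = SPDM_MESSAGE_VERSION_14 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Default local secured-message versions. */
    context->local_context.secured_message_version.spdm_version_count =
        SECURED_SPDM_MAX_VERSION_COUNT;
    context->local_context.secured_message_version.spdm_version[0] =
        SECURED_SPDM_VERSION_10 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.secured_message_version.spdm_version[1] =
        SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.secured_message_version.spdm_version[2] =
        SECURED_SPDM_VERSION_12 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.capability.st1 = SPDM_ST1_VALUE_US;

    context->mut_auth_cert_chain_buffer_size = 0;

    context->max_spdm_session_sequence_number = LIBSPDM_MAX_SPDM_SESSION_SEQUENCE_NUMBER;

    context->latest_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id_valid = false;
    context->last_spdm_request_size = 0;

    /* To be updated in libspdm_register_device_buffer_func */
    context->local_context.capability.data_transfer_size = 0;
    context->local_context.capability.sender_data_transfer_size = 0;
    context->local_context.capability.max_spdm_msg_size = 0;

    /* Bind one secured message context to each session slot and initialize it. */
    for (index = 0; index < num_secured_contexts; index++) {
        context->session_info[index].secured_message_context = secured_contexts[index];
        libspdm_secured_message_init_context(
            context->session_info[index].secured_message_context);
    }

    return LIBSPDM_STATUS_SUCCESS;
}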
3228 :
/**
 * Initialize an SPDM context whose secured message contexts are stored in the
 * same allocation, directly after the libspdm_context_t.
 *
 * The memory at spdm_context must be at least libspdm_get_context_size() bytes.
 * This function computes LIBSPDM_MAX_SESSION_COUNT secured-context addresses past
 * the end of the libspdm_context_t and passes them on for initialization, so a
 * smaller allocation would be written out of bounds.
 *
 * @param  spdm_context  A pointer to the SPDM context memory.
 *
 * @return The status of libspdm_init_context_with_secured_context().
 **/
libspdm_return_t libspdm_init_context(void *spdm_context)
{
    void *secured_contexts[LIBSPDM_MAX_SESSION_COUNT];
    libspdm_context_t *context;
    uint8_t *secured_area;
    size_t stride;
    size_t slot;

    LIBSPDM_ASSERT(spdm_context != NULL);

    /* libspdm_get_context_size() accounts for all secured message contexts;
     * they start at the first byte after the general SPDM context. */
    context = spdm_context;
    secured_area = (uint8_t *)(context + 1);
    stride = libspdm_secured_message_get_context_size();

    slot = 0;
    while (slot < LIBSPDM_MAX_SESSION_COUNT) {
        secured_contexts[slot] = secured_area + stride * slot;
        slot++;
    }

    return libspdm_init_context_with_secured_context(spdm_context,
                                                     secured_contexts,
                                                     LIBSPDM_MAX_SESSION_COUNT);
}
3254 :
/**
 * Clear everything the context recorded about the last connection.
 *
 * Every session slot is re-initialized, the negotiated version, capability and
 * algorithm data are zeroed, and the request and session bookkeeping is reset.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 **/
void libspdm_reset_context(void *spdm_context)
{
    libspdm_context_t *context;
    size_t slot;

    context = spdm_context;

    /* Session info must be cleared first: it frees contexts that depend on the
     * negotiated algorithms, which are zeroed further down. */
    for (slot = 0; slot < LIBSPDM_MAX_SESSION_COUNT; slot++) {
        libspdm_session_info_init(context,
                                  &context->session_info[slot],
                                  INVALID_SESSION_ID,
                                  0,
                                  false);
    }

    /* Connection-level negotiated state. */
    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
    libspdm_zero_mem(&context->connection_info.version, sizeof(spdm_version_number_t));
    libspdm_zero_mem(&context->connection_info.capability,
                     sizeof(libspdm_device_capability_t));
    libspdm_zero_mem(&context->connection_info.algorithm, sizeof(libspdm_device_algorithm_t));
    libspdm_zero_mem(&context->last_spdm_error, sizeof(libspdm_error_struct_t));
    libspdm_zero_mem(&context->encap_context, sizeof(libspdm_encap_context_t));
    context->connection_info.local_used_cert_chain_buffer_size = 0;
    context->connection_info.local_used_cert_chain_buffer = NULL;
    context->connection_info.multi_key_conn_req = false;
    context->connection_info.multi_key_conn_rsp = false;

    /* Request, response and session bookkeeping. */
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    context->cache_spdm_request_size = 0;
#endif
    context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
    context->current_token = 0;
    context->latest_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id_valid = false;
    context->last_spdm_request_size = 0;
    context->mut_auth_cert_chain_buffer_size = 0;
    context->current_dhe_session_count = 0;
    context->current_psk_session_count = 0;
}
3298 :
/**
 * Free the memory of contexts held within the SPDM context.
 * These are typically contexts whose memory was allocated by the cryptography library.
 * This function does not free the SPDM context itself.
 *
 * When LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT is disabled, every cached peer leaf
 * public key is freed with the free routine matching the local role and negotiated
 * algorithm, and its pointer is set to NULL so it cannot be freed again. All
 * transcript state is then reset, first per connection and then per session slot.
 *
 * @param[in]  spdm_context  A pointer to the SPDM context.
 */
void libspdm_deinit_context(void *spdm_context)
{
    libspdm_context_t *context;
    libspdm_session_info_t *session_info;
    uint32_t session_index;
#if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT)
    void *leaf_key;
    bool is_requester;
    uint8_t slot_index;
#endif

    context = spdm_context;

#if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT)
    is_requester = context->local_context.is_requester;

    for (slot_index = 0; slot_index < SPDM_MAX_SLOT_COUNT; slot_index++) {
        leaf_key = context->connection_info.peer_used_cert_chain[slot_index].
                   leaf_cert_public_key;
        if (leaf_key == NULL) {
            continue;
        }

        /* A requester holds the responder's key and a responder holds the requester's
         * key. A non-zero PQC algorithm selects the PQC free routine. */
        if (is_requester && (context->connection_info.algorithm.pqc_asym_algo != 0)) {
            libspdm_pqc_asym_free(
                context->connection_info.algorithm.pqc_asym_algo, leaf_key);
        } else if (is_requester) {
            libspdm_asym_free(
                context->connection_info.algorithm.base_asym_algo, leaf_key);
        } else if (context->connection_info.algorithm.req_pqc_asym_alg != 0) {
            libspdm_req_pqc_asym_free(
                context->connection_info.algorithm.req_pqc_asym_alg, leaf_key);
        } else {
            libspdm_req_asym_free(
                context->connection_info.algorithm.req_base_asym_alg, leaf_key);
        }

        /* Clear the dangling pointer. */
        context->connection_info.peer_used_cert_chain[slot_index].leaf_cert_public_key = NULL;
    }
#endif

    /* Connection-level transcripts. */
    libspdm_reset_message_a(context);
    libspdm_reset_message_d(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    libspdm_reset_message_mut_b(context);
    libspdm_reset_message_mut_c(context);

    /* Session-level transcripts, one session slot at a time. */
    for (session_index = 0; session_index < LIBSPDM_MAX_SESSION_COUNT; session_index++) {
        session_info = &context->session_info[session_index];
        libspdm_reset_message_m(context, session_info);
        libspdm_reset_message_e(context, session_info);
        libspdm_reset_message_encap_e(context, session_info);
        libspdm_reset_message_encap_d(context, session_info);
        libspdm_reset_message_k(context, session_info);
        libspdm_reset_message_f(context, session_info);
    }
}
3367 :
/**
 * Return the size in bytes of the SPDM context, including the secured message
 * context data for all LIBSPDM_MAX_SESSION_COUNT sessions.
 *
 * This is the allocation size that libspdm_init_context() relies on. For just the
 * SPDM context size, use libspdm_get_context_size_without_secured_context.
 *
 * @return the size in bytes of the SPDM context and secured message contexts.
 **/
size_t libspdm_get_context_size(void)
{
    size_t total_size;

    total_size = libspdm_secured_message_get_context_size() * LIBSPDM_MAX_SESSION_COUNT;
    total_size += sizeof(libspdm_context_t);

    /* The published constant must match the computed size. */
    LIBSPDM_ASSERT (total_size == LIBSPDM_CONTEXT_SIZE_ALL);
    return total_size;
}
3385 :
/**
 * Return the size in bytes of just the SPDM context, without secured message contexts.
 *
 * For the complete context size, use libspdm_get_context_size.
 *
 * @return the size in bytes of the SPDM context.
 **/
size_t libspdm_get_context_size_without_secured_context(void)
{
    const size_t context_only_size = sizeof(libspdm_context_t);

    /* The published constant must match the struct size. */
    LIBSPDM_ASSERT (context_only_size == LIBSPDM_CONTEXT_SIZE_WITHOUT_SECURED_CONTEXT);
    return context_only_size;
}
3401 :
/**
 * Return the SPDMVersion field of a version number struct.
 *
 * The field is extracted by shifting right by SPDM_VERSION_NUMBER_SHIFT_BIT and
 * truncating to 8 bits; the bits below the shift are discarded.
 *
 * @param  ver  SPDM version number struct.
 *
 * @return the SPDMVersion of the version number struct.
 **/
uint8_t libspdm_get_version_from_version_number(const spdm_version_number_t ver)
{
    uint8_t spdm_version;

    spdm_version = (uint8_t)(ver >> SPDM_VERSION_NUMBER_SHIFT_BIT);
    return spdm_version;
}
3413 :
/**
 * Sort a set of SPDM version numbers in place, in descending order.
 *
 * A selection sort is used. A set of zero or one entries is left untouched.
 *
 * @param  ver_set  A pointer to the version set; must hold ver_num entries.
 * @param  ver_num  Number of entries in ver_set.
 */
void libspdm_version_number_sort(spdm_version_number_t *ver_set, size_t ver_num)
{
    size_t target;
    size_t probe;
    size_t highest;
    spdm_version_number_t saved;

    if (ver_num <= 1) {
        return;
    }

    for (target = 0; target < ver_num; target++) {
        /* Find the highest remaining entry at or after 'target'. */
        highest = target;
        for (probe = target + 1; probe < ver_num; probe++) {
            if (ver_set[probe] > ver_set[highest]) {
                highest = probe;
            }
        }

        /* Swap ver_set[highest] into position 'target'. */
        saved = ver_set[target];
        ver_set[target] = ver_set[highest];
        ver_set[highest] = saved;
    }
}
3445 :
/**
 * Negotiate the SPDM version for a connection.
 *
 * req_ver_set is the requester's version set and res_ver_set is the responder's.
 * Both sets are copied into local arrays and sorted in descending order, so the
 * caller's arrays are not modified. The first match found is the highest version
 * present in both sets. Only the SPDMVersion field is compared, and the value
 * stored is the requester's entry.
 *
 * @param  common_version  Receives the common version; written only on success.
 * @param  req_ver_set     A pointer to the requester version set.
 * @param  req_ver_num     Number of entries in req_ver_set.
 * @param  res_ver_set     A pointer to the responder version set.
 * @param  res_ver_num     Number of entries in res_ver_set.
 *
 * @retval true   Negotiation succeeded; the version is saved to common_version.
 * @retval false  A set is NULL or empty, a count exceeds LIBSPDM_MAX_VERSION_COUNT,
 *                or the two sets share no version.
 */
bool libspdm_negotiate_connection_version(spdm_version_number_t *common_version,
                                          spdm_version_number_t *req_ver_set,
                                          size_t req_ver_num,
                                          const spdm_version_number_t *res_ver_set,
                                          size_t res_ver_num)
{
    spdm_version_number_t req_sorted[LIBSPDM_MAX_VERSION_COUNT];
    spdm_version_number_t res_sorted[LIBSPDM_MAX_VERSION_COUNT];
    size_t req_pos;
    size_t res_pos;

    /* Counts are bounded first so the copies below cannot overrun the local arrays. */
    if ((req_ver_num > LIBSPDM_MAX_VERSION_COUNT) ||
        (res_ver_num > LIBSPDM_MAX_VERSION_COUNT)) {
        return false;
    }
    if ((req_ver_set == NULL) || (req_ver_num == 0) ||
        (res_ver_set == NULL) || (res_ver_num == 0)) {
        return false;
    }

    libspdm_zero_mem(req_sorted, sizeof(req_sorted));
    libspdm_zero_mem(res_sorted, sizeof(res_sorted));

    libspdm_copy_mem(req_sorted, sizeof(req_sorted),
                     req_ver_set, sizeof(spdm_version_number_t) * req_ver_num);
    libspdm_copy_mem(res_sorted, sizeof(res_sorted),
                     res_ver_set, sizeof(spdm_version_number_t) * res_ver_num);

    /* Highest version first in both working copies. */
    libspdm_version_number_sort(req_sorted, req_ver_num);
    libspdm_version_number_sort(res_sorted, res_ver_num);

    /* Walk the responder versions from highest to lowest and stop at the first one
     * that the requester also offers. */
    for (res_pos = 0; res_pos < res_ver_num; res_pos++) {
        for (req_pos = 0; req_pos < req_ver_num; req_pos++) {
            if (libspdm_get_version_from_version_number(req_sorted[req_pos]) !=
                libspdm_get_version_from_version_number(res_sorted[res_pos])) {
                continue;
            }
            *common_version = req_sorted[req_pos];
            return true;
        }
    }

    return false;
}
3505 :
3506 : #if LIBSPDM_EVENT_RECIPIENT_SUPPORT
/**
 * Register the callback stored in the context's process_event field.
 *
 * The function pointer is stored as given; neither argument is validated.
 *
 * @param  context             A pointer to the SPDM context.
 * @param  process_event_func  The event processing callback to store.
 **/
void libspdm_register_event_callback(void *context,
                                     libspdm_process_event_func process_event_func)
{
    libspdm_context_t *typed_context;

    typed_context = context;
    typed_context->process_event = process_event_func;
}
3515 : #endif /* LIBSPDM_EVENT_RECIPIENT_SUPPORT */