1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_common_lib.h"
8 : #include "internal/libspdm_secured_message_lib.h"
9 : #include "internal/libspdm_fips_lib.h"
10 :
11 : #if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
12 : /* first section */
/**
 * Return the byte offset of the secured-message section inside the scratch buffer.
 *
 * This is the first section of the scratch buffer, so the offset is a constant 0
 * and spdm_context is not read.
 *
 * @param spdm_context  A pointer to the SPDM context (unused).
 *
 * @return Offset of the secured-message section, always 0.
 **/
uint32_t libspdm_get_scratch_buffer_secure_message_offset(libspdm_context_t *spdm_context)
{
    const uint32_t section_offset = 0;

    return section_offset;
}
16 :
/**
 * Return the size in bytes of the secured-message section of the scratch buffer.
 *
 * The section holds one maximum-size SPDM message plus the transport header and
 * transport tail, all taken from the local capability settings.
 *
 * NOTE(review): the sum is returned as uint32_t and no overflow check is visible
 * here. Presumably the three fields are bounded where they are set; confirm,
 * because a wrapped capacity would under-size this section and shift every
 * offset that is derived from it.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Capacity of the secured-message section.
 **/
uint32_t libspdm_get_scratch_buffer_secure_message_capacity(libspdm_context_t *spdm_context)
{
    uint32_t capacity;

    capacity = spdm_context->local_context.capability.max_spdm_msg_size;
    capacity += spdm_context->local_context.capability.transport_header_size;
    capacity += spdm_context->local_context.capability.transport_tail_size;

    return capacity;
}
22 :
23 : /* second section */
/**
 * Return the byte offset of the large-message section inside the scratch buffer.
 *
 * The large-message section is the second section: it starts immediately after
 * the secured-message section, so its offset equals that section's capacity.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Offset of the large-message section.
 **/
uint32_t libspdm_get_scratch_buffer_large_message_offset(libspdm_context_t *spdm_context)
{
    uint32_t section_offset;

    section_offset = libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);

    return section_offset;
}
27 :
/**
 * Return the size in bytes of the large-message section of the scratch buffer.
 *
 * The section is sized to exactly one maximum-size SPDM message; no transport
 * header or tail is added.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Capacity of the large-message section.
 **/
uint32_t libspdm_get_scratch_buffer_large_message_capacity(libspdm_context_t *spdm_context)
{
    uint32_t capacity;

    capacity = spdm_context->local_context.capability.max_spdm_msg_size;

    return capacity;
}
31 : #endif
32 :
33 : /* third section */
/**
 * Return the byte offset of the sender/receiver section inside the scratch buffer.
 *
 * With LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP the section follows the
 * secured-message and large-message sections; without it the section is first
 * and the offset is 0.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Offset of the sender/receiver section.
 **/
uint32_t libspdm_get_scratch_buffer_sender_receiver_offset(libspdm_context_t *spdm_context)
{
    uint32_t section_offset = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    /* Skip the two chunk-related sections that precede this one. */
    section_offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    section_offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif

    return section_offset;
}
42 :
/**
 * Return the size in bytes of the sender/receiver section of the scratch buffer.
 *
 * The section holds one maximum-size SPDM message plus the transport header and
 * transport tail, all taken from the local capability settings.
 *
 * NOTE(review): the sum is returned as uint32_t with no overflow check visible
 * here; confirm the fields are bounded where they are set, since a wrapped value
 * would under-size the section.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Capacity of the sender/receiver section.
 **/
uint32_t libspdm_get_scratch_buffer_sender_receiver_capacity(libspdm_context_t *spdm_context)
{
    uint32_t capacity;

    capacity = spdm_context->local_context.capability.max_spdm_msg_size;
    capacity += spdm_context->local_context.capability.transport_header_size;
    capacity += spdm_context->local_context.capability.transport_tail_size;

    return capacity;
}
48 :
49 : #if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
50 : /* fourth section */
/**
 * Return the byte offset of the large sender/receiver section inside the
 * scratch buffer.
 *
 * This is the fourth section: it follows the secured-message, large-message and
 * sender/receiver sections, so the offset is the sum of their capacities.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Offset of the large sender/receiver section.
 **/
uint32_t libspdm_get_scratch_buffer_large_sender_receiver_offset(libspdm_context_t *spdm_context)
{
    uint32_t section_offset;

    section_offset = libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    section_offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
    section_offset += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);

    return section_offset;
}
56 :
/**
 * Return the size in bytes of the large sender/receiver section of the scratch
 * buffer.
 *
 * The section holds one maximum-size SPDM message plus the transport header and
 * transport tail, all taken from the local capability settings.
 *
 * NOTE(review): the sum is returned as uint32_t with no overflow check visible
 * here; confirm the fields are bounded where they are set, since a wrapped value
 * would under-size the section.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Capacity of the large sender/receiver section.
 **/
uint32_t libspdm_get_scratch_buffer_large_sender_receiver_capacity(libspdm_context_t *spdm_context)
{
    uint32_t capacity;

    capacity = spdm_context->local_context.capability.max_spdm_msg_size;
    capacity += spdm_context->local_context.capability.transport_header_size;
    capacity += spdm_context->local_context.capability.transport_tail_size;

    return capacity;
}
63 : #endif
64 :
65 : /* fifth section */
/**
 * Return the byte offset of the last-SPDM-request section inside the scratch
 * buffer.
 *
 * The offset is the sum of the capacities of every section placed before it:
 * the sender/receiver section always, and the secured-message, large-message
 * and large sender/receiver sections when LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
 * is set.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Offset of the last-SPDM-request section.
 **/
uint32_t libspdm_get_scratch_buffer_last_spdm_request_offset(libspdm_context_t *spdm_context)
{
    uint32_t section_offset = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    section_offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    section_offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif
    section_offset += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    section_offset += libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#endif

    return section_offset;
}
78 :
/**
 * Return the size in bytes of the last-SPDM-request section of the scratch
 * buffer.
 *
 * The section is sized to exactly one maximum-size SPDM message; no transport
 * header or tail is added.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Capacity of the last-SPDM-request section.
 **/
uint32_t libspdm_get_scratch_buffer_last_spdm_request_capacity(libspdm_context_t *spdm_context)
{
    uint32_t capacity;

    capacity = spdm_context->local_context.capability.max_spdm_msg_size;

    return capacity;
}
82 :
83 : #if LIBSPDM_RESPOND_IF_READY_SUPPORT
84 : /* sixth section */
/**
 * Return the byte offset of the cached-SPDM-request section inside the scratch
 * buffer.
 *
 * The offset is the sum of the capacities of every section placed before it:
 * the sender/receiver and last-SPDM-request sections always, and the
 * secured-message, large-message and large sender/receiver sections when
 * LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP is set.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Offset of the cached-SPDM-request section.
 **/
uint32_t libspdm_get_scratch_buffer_cache_spdm_request_offset(libspdm_context_t *spdm_context)
{
    uint32_t section_offset = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    section_offset += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    section_offset += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif
    section_offset += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    section_offset += libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#endif
    section_offset += libspdm_get_scratch_buffer_last_spdm_request_capacity(spdm_context);

    return section_offset;
}
98 :
/**
 * Return the size in bytes of the cached-SPDM-request section of the scratch
 * buffer.
 *
 * The section is sized to exactly one maximum-size SPDM message; no transport
 * header or tail is added.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Capacity of the cached-SPDM-request section.
 **/
uint32_t libspdm_get_scratch_buffer_cache_spdm_request_capacity(libspdm_context_t *spdm_context)
{
    uint32_t capacity;

    capacity = spdm_context->local_context.capability.max_spdm_msg_size;

    return capacity;
}
102 : #endif
103 :
104 : /* combination */
/**
 * Return the total size in bytes of the scratch buffer.
 *
 * The total is the sum of the capacities of every section compiled in, added in
 * layout order. The per-section offset functions sum the same terms, so a
 * section added or removed here must be reflected there as well; otherwise
 * sections would overlap or run past the end of the buffer.
 *
 * NOTE(review): the total is accumulated in uint32_t with no overflow check
 * visible here; confirm the capability fields are bounded where they are set,
 * since a wrapped total would under-report the required buffer size.
 *
 * @param spdm_context  A pointer to the SPDM context.
 *
 * @return Combined capacity of all scratch-buffer sections.
 **/
uint32_t libspdm_get_scratch_buffer_capacity(libspdm_context_t *spdm_context)
{
    uint32_t total = 0;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    total += libspdm_get_scratch_buffer_secure_message_capacity(spdm_context);
    total += libspdm_get_scratch_buffer_large_message_capacity(spdm_context);
#endif
    total += libspdm_get_scratch_buffer_sender_receiver_capacity(spdm_context);
#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    total += libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#endif
    total += libspdm_get_scratch_buffer_last_spdm_request_capacity(spdm_context);
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    total += libspdm_get_scratch_buffer_cache_spdm_request_capacity(spdm_context);
#endif

    return total;
}
121 :
122 : /**
123 : * Returns if an SPDM data_type requires session info.
124 : *
125 : * @param data_type SPDM data type.
126 : *
127 : * @retval true session info is required.
128 : * @retval false session info is not required.
129 : **/
static bool need_session_info_for_data(libspdm_data_type_t data_type)
{
    /* Only the LIBSPDM_DATA_SESSION_* types listed here are session-scoped;
     * every other data type is reported as not needing session info. */
    return (data_type == LIBSPDM_DATA_SESSION_SECURED_MESSAGE_VERSION) ||
           (data_type == LIBSPDM_DATA_SESSION_USE_PSK) ||
           (data_type == LIBSPDM_DATA_SESSION_MUT_AUTH_REQUESTED) ||
           (data_type == LIBSPDM_DATA_SESSION_END_SESSION_ATTRIBUTES) ||
           (data_type == LIBSPDM_DATA_SESSION_POLICY) ||
           (data_type == LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_RSP_DIR) ||
           (data_type == LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_REQ_DIR) ||
           (data_type == LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_ENDIAN);
}
146 :
147 19 : libspdm_return_t libspdm_set_data(void *spdm_context, libspdm_data_type_t data_type,
148 : const libspdm_data_parameter_t *parameter, const void *data,
149 : size_t data_size)
150 : {
151 : libspdm_context_t *context;
152 : uint32_t session_id;
153 : uint32_t data32;
154 : libspdm_session_info_t *session_info;
155 : uint8_t slot_id;
156 : uint8_t mut_auth_requested;
157 : uint8_t root_cert_index;
158 : uint16_t data16;
159 : #if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT) && LIBSPDM_CERT_PARSE_SUPPORT
160 : bool status;
161 : const uint8_t *cert_buffer;
162 : size_t cert_buffer_size;
163 : #endif
164 :
165 19 : if (spdm_context == NULL || data == NULL || data_type >= LIBSPDM_DATA_MAX) {
166 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
167 : }
168 :
169 19 : context = spdm_context;
170 :
171 19 : if (need_session_info_for_data(data_type)) {
172 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_SESSION) {
173 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
174 : }
175 0 : session_id = libspdm_read_uint32(parameter->additional_data);
176 0 : session_info = libspdm_get_session_info_via_session_id(context, session_id);
177 0 : if (session_info == NULL) {
178 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
179 : }
180 : } else {
181 19 : session_info = NULL;
182 : }
183 :
184 19 : switch (data_type) {
185 0 : case LIBSPDM_DATA_SPDM_VERSION:
186 0 : LIBSPDM_ASSERT (data_size <= sizeof(spdm_version_number_t) * SPDM_MAX_VERSION_COUNT);
187 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
188 : /* Only have one connected version */
189 0 : LIBSPDM_ASSERT (data_size == sizeof(spdm_version_number_t));
190 0 : libspdm_copy_mem(&(context->connection_info.version),
191 : sizeof(context->connection_info.version),
192 : data,
193 : sizeof(spdm_version_number_t));
194 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
195 0 : context->local_context.version.spdm_version_count =
196 0 : (uint8_t)(data_size / sizeof(spdm_version_number_t));
197 0 : libspdm_copy_mem(context->local_context.version.spdm_version,
198 : sizeof(context->local_context.version.spdm_version),
199 : data,
200 0 : context->local_context.version.spdm_version_count *
201 : sizeof(spdm_version_number_t));
202 : } else {
203 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
204 : }
205 0 : break;
206 0 : case LIBSPDM_DATA_SECURED_MESSAGE_VERSION:
207 0 : LIBSPDM_ASSERT (data_size <=
208 : sizeof(spdm_version_number_t) * SECURED_SPDM_MAX_VERSION_COUNT);
209 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
210 0 : context->local_context.secured_message_version.secured_message_version_count =
211 0 : (uint8_t)(data_size / sizeof(spdm_version_number_t));
212 0 : libspdm_copy_mem(context->local_context.secured_message_version.secured_message_version,
213 : sizeof(context->local_context.secured_message_version.secured_message_version),
214 : data,
215 0 : context->local_context.secured_message_version.
216 : secured_message_version_count * sizeof(spdm_version_number_t));
217 : } else {
218 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
219 : }
220 0 : break;
221 0 : case LIBSPDM_DATA_CAPABILITY_FLAGS:
222 0 : if (data_size != sizeof(uint32_t)) {
223 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
224 : }
225 :
226 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
227 :
228 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
229 : #if !(LIBSPDM_ENABLE_CAPABILITY_CERT_CAP)
230 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CERT_CAP) == 0);
231 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_CERT_CAP */
232 :
233 : #if !(LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP)
234 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHAL_CAP) == 0);
235 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_CHAL_CAP */
236 :
237 : #if !(LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP)
238 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEAS_CAP) == 0);
239 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_MEAS_CAP */
240 :
241 : #if !(LIBSPDM_ENABLE_CAPABILITY_MEL_CAP)
242 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MEL_CAP) == 0);
243 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_MEL_CAP */
244 :
245 : #if !(LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP)
246 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_KEY_EX_CAP) == 0);
247 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_KEY_EX_CAP */
248 :
249 : #if !(LIBSPDM_ENABLE_CAPABILITY_PSK_CAP)
250 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_PSK_CAP) == 0);
251 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */
252 :
253 : #if !(LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP)
254 : LIBSPDM_ASSERT((data32 & SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_EP_INFO_CAP) == 0);
255 : #endif /* !LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP */
256 :
257 0 : context->local_context.capability.flags = data32;
258 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
259 0 : context->connection_info.capability.flags = data32;
260 : } else {
261 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
262 : }
263 0 : break;
264 0 : case LIBSPDM_DATA_CAPABILITY_EXT_FLAGS:
265 0 : if (data_size != sizeof(uint16_t)) {
266 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
267 : }
268 :
269 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
270 :
271 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
272 0 : context->local_context.capability.flags = data16;
273 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
274 0 : context->connection_info.capability.flags = data16;
275 : } else {
276 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
277 : }
278 0 : break;
279 0 : case LIBSPDM_DATA_CAPABILITY_CT_EXPONENT:
280 0 : if (data_size != sizeof(uint8_t)) {
281 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
282 : }
283 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
284 0 : context->connection_info.capability.ct_exponent = *(const uint8_t *)data;
285 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
286 0 : context->local_context.capability.ct_exponent = *(const uint8_t *)data;
287 : } else {
288 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
289 : }
290 0 : break;
291 0 : case LIBSPDM_DATA_CAPABILITY_RTT_US:
292 0 : if (data_size != sizeof(uint64_t)) {
293 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
294 : }
295 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
296 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
297 : }
298 0 : context->local_context.capability.rtt = libspdm_read_uint64((const uint8_t *)data);
299 0 : break;
300 0 : case LIBSPDM_DATA_CAPABILITY_MAX_SPDM_MSG_SIZE:
301 0 : if (data_size != sizeof(uint32_t)) {
302 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
303 : }
304 : /* The local max_spdm_msg_size is set by libspdm_register_transport_layer_func.
305 : * Only the connection's max_spdm_msg_size is settable here. */
306 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
307 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
308 : }
309 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
310 0 : LIBSPDM_ASSERT (data32 >= SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12);
311 0 : context->connection_info.capability.max_spdm_msg_size = data32;
312 0 : break;
313 0 : case LIBSPDM_DATA_MEASUREMENT_SPEC:
314 0 : if (data_size != sizeof(uint8_t)) {
315 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
316 : }
317 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
318 0 : context->connection_info.algorithm.measurement_spec = *(const uint8_t *)data;
319 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
320 0 : context->local_context.algorithm.measurement_spec = *(const uint8_t *)data;
321 : } else {
322 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
323 : }
324 0 : break;
325 0 : case LIBSPDM_DATA_MEASUREMENT_HASH_ALGO:
326 0 : if (data_size != sizeof(uint32_t)) {
327 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
328 : }
329 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
330 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
331 0 : context->connection_info.algorithm.measurement_hash_algo = data32;
332 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
333 0 : context->local_context.algorithm.measurement_hash_algo = data32;
334 : } else {
335 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
336 : }
337 0 : break;
338 0 : case LIBSPDM_DATA_BASE_ASYM_ALGO:
339 0 : if (data_size != sizeof(uint32_t)) {
340 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
341 : }
342 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
343 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
344 0 : context->connection_info.algorithm.base_asym_algo = data32;
345 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
346 0 : context->local_context.algorithm.base_asym_algo = data32;
347 : } else {
348 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
349 : }
350 0 : break;
351 0 : case LIBSPDM_DATA_BASE_HASH_ALGO:
352 0 : if (data_size != sizeof(uint32_t)) {
353 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
354 : }
355 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
356 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
357 0 : context->connection_info.algorithm.base_hash_algo = data32;
358 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
359 0 : context->local_context.algorithm.base_hash_algo = data32;
360 : } else {
361 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
362 : }
363 0 : break;
364 0 : case LIBSPDM_DATA_DHE_NAME_GROUP:
365 0 : if (data_size != sizeof(uint16_t)) {
366 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
367 : }
368 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
369 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
370 0 : context->connection_info.algorithm.dhe_named_group = data16;
371 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
372 0 : context->local_context.algorithm.dhe_named_group = data16;
373 : } else {
374 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
375 : }
376 0 : break;
377 0 : case LIBSPDM_DATA_AEAD_CIPHER_SUITE:
378 0 : if (data_size != sizeof(uint16_t)) {
379 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
380 : }
381 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
382 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
383 0 : context->connection_info.algorithm.aead_cipher_suite = data16;
384 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
385 0 : context->local_context.algorithm.aead_cipher_suite = data16;
386 : } else {
387 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
388 : }
389 0 : break;
390 0 : case LIBSPDM_DATA_REQ_BASE_ASYM_ALG:
391 0 : if (data_size != sizeof(uint16_t)) {
392 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
393 : }
394 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
395 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
396 0 : context->connection_info.algorithm.req_base_asym_alg = data16;
397 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
398 0 : context->local_context.algorithm.req_base_asym_alg = data16;
399 : } else {
400 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
401 : }
402 0 : break;
403 0 : case LIBSPDM_DATA_KEY_SCHEDULE:
404 0 : if (data_size != sizeof(uint16_t)) {
405 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
406 : }
407 0 : data16 = libspdm_read_uint16((const uint8_t *)data);
408 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
409 0 : context->connection_info.algorithm.key_schedule = data16;
410 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
411 0 : context->local_context.algorithm.key_schedule = data16;
412 : } else {
413 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
414 : }
415 0 : break;
416 0 : case LIBSPDM_DATA_OTHER_PARAMS_SUPPORT:
417 0 : if (data_size != sizeof(uint8_t)) {
418 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
419 : }
420 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
421 0 : context->connection_info.algorithm.other_params_support = *(const uint8_t *)data;
422 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
423 0 : context->local_context.algorithm.other_params_support = *(const uint8_t *)data;
424 : } else {
425 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
426 : }
427 0 : break;
428 0 : case LIBSPDM_DATA_MEL_SPEC:
429 0 : if (data_size != sizeof(uint8_t)) {
430 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
431 : }
432 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
433 0 : context->connection_info.algorithm.mel_spec = *(const uint8_t *)data;
434 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
435 0 : context->local_context.algorithm.mel_spec = *(const uint8_t *)data;
436 : } else {
437 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
438 : }
439 0 : break;
440 0 : case LIBSPDM_DATA_PQC_ASYM_ALGO:
441 0 : if (data_size != sizeof(uint32_t)) {
442 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
443 : }
444 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
445 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
446 0 : context->connection_info.algorithm.pqc_asym_algo = data32;
447 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
448 0 : context->local_context.algorithm.pqc_asym_algo = data32;
449 : } else {
450 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
451 : }
452 0 : break;
453 0 : case LIBSPDM_DATA_REQ_PQC_ASYM_ALG:
454 0 : if (data_size != sizeof(uint32_t)) {
455 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
456 : }
457 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
458 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
459 0 : context->connection_info.algorithm.req_pqc_asym_alg = data32;
460 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
461 0 : context->local_context.algorithm.req_pqc_asym_alg = data32;
462 : } else {
463 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
464 : }
465 0 : break;
466 0 : case LIBSPDM_DATA_KEM_ALG:
467 0 : if (data_size != sizeof(uint32_t)) {
468 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
469 : }
470 0 : data32 = libspdm_read_uint32((const uint8_t *)data);
471 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION) {
472 0 : context->connection_info.algorithm.kem_alg = data32;
473 0 : } else if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
474 0 : context->local_context.algorithm.kem_alg = data32;
475 : } else {
476 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
477 : }
478 0 : break;
479 0 : case LIBSPDM_DATA_ALGO_PRIORITY_PQC_FIRST:
480 0 : if (data_size != sizeof(bool)) {
481 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
482 : }
483 0 : if (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL) {
484 0 : context->local_context.algorithm.pqc_first = *(const bool *)data;
485 : } else {
486 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
487 : }
488 0 : break;
489 0 : case LIBSPDM_DATA_CONNECTION_STATE:
490 0 : if (data_size != sizeof(libspdm_connection_state_t)) {
491 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
492 : }
493 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
494 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
495 : }
496 0 : context->connection_info.connection_state = libspdm_read_uint32((const uint8_t *)data);
497 0 : break;
498 0 : case LIBSPDM_DATA_RESPONSE_STATE:
499 0 : if (data_size != sizeof(libspdm_response_state_t)) {
500 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
501 : }
502 0 : context->response_state = libspdm_read_uint32((const uint8_t *)data);
503 0 : break;
504 2 : case LIBSPDM_DATA_PEER_PUBLIC_ROOT_CERT:
505 2 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
506 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
507 : }
508 2 : root_cert_index = 0;
509 11 : while (context->local_context.peer_root_cert_provision[root_cert_index] != NULL) {
510 10 : root_cert_index++;
511 10 : if (root_cert_index >= LIBSPDM_MAX_ROOT_CERT_SUPPORT) {
512 1 : return LIBSPDM_STATUS_BUFFER_FULL;
513 : }
514 : }
515 1 : context->local_context.peer_root_cert_provision_size[root_cert_index] = data_size;
516 1 : context->local_context.peer_root_cert_provision[root_cert_index] = data;
517 1 : break;
518 0 : case LIBSPDM_DATA_LOCAL_PUBLIC_CERT_CHAIN:
519 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
520 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
521 : }
522 0 : slot_id = parameter->additional_data[0];
523 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
524 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
525 : }
526 0 : context->local_context.local_cert_chain_provision_size[slot_id] = data_size;
527 0 : context->local_context.local_cert_chain_provision[slot_id] = data;
528 0 : break;
529 0 : case LIBSPDM_DATA_LOCAL_SUPPORTED_SLOT_MASK:
530 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
531 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
532 : }
533 0 : if (data_size != sizeof(uint8_t)) {
534 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
535 : }
536 0 : context->local_context.local_supported_slot_mask = *(const uint8_t *)data;
537 0 : break;
538 0 : case LIBSPDM_DATA_LOCAL_KEY_PAIR_ID:
539 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
540 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
541 : }
542 0 : slot_id = parameter->additional_data[0];
543 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
544 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
545 : }
546 0 : if (data_size != sizeof(spdm_key_pair_id_t)) {
547 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
548 : }
549 0 : context->local_context.local_key_pair_id[slot_id] = *(const spdm_key_pair_id_t *)data;
550 0 : break;
551 0 : case LIBSPDM_DATA_LOCAL_CERT_INFO:
552 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
553 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
554 : }
555 0 : slot_id = parameter->additional_data[0];
556 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
557 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
558 : }
559 0 : if (data_size != sizeof(spdm_certificate_info_t)) {
560 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
561 : }
562 0 : context->local_context.local_cert_info[slot_id] = *(const spdm_certificate_info_t *)data;
563 0 : break;
564 0 : case LIBSPDM_DATA_LOCAL_KEY_USAGE_BIT_MASK:
565 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
566 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
567 : }
568 0 : slot_id = parameter->additional_data[0];
569 0 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
570 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
571 : }
572 0 : if (data_size != sizeof(spdm_key_usage_bit_mask_t)) {
573 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
574 : }
575 0 : context->local_context.local_key_usage_bit_mask[slot_id] =
576 0 : libspdm_read_uint16((const uint8_t *)data);
577 0 : break;
578 3 : case LIBSPDM_DATA_PEER_USED_CERT_CHAIN_BUFFER:
579 3 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
580 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
581 : }
582 3 : slot_id = parameter->additional_data[0];
583 3 : if (slot_id >= SPDM_MAX_SLOT_COUNT) {
584 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
585 : }
586 3 : context->connection_info.peer_used_cert_chain_slot_id = slot_id;
587 : #if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
588 : if (data_size > LIBSPDM_MAX_CERT_CHAIN_SIZE) {
589 : return LIBSPDM_STATUS_BUFFER_TOO_SMALL;
590 : }
591 : context->connection_info.peer_used_cert_chain[slot_id].buffer_size = data_size;
592 : libspdm_copy_mem(context->connection_info.peer_used_cert_chain[slot_id].buffer,
593 : sizeof(context->connection_info.peer_used_cert_chain[slot_id].buffer),
594 : data, data_size);
595 : #else
596 : #if LIBSPDM_CERT_PARSE_SUPPORT
597 3 : status = libspdm_hash_all(
598 : context->connection_info.algorithm.base_hash_algo,
599 : data, data_size,
600 3 : context->connection_info.peer_used_cert_chain[slot_id].buffer_hash);
601 3 : if (!status) {
602 0 : return LIBSPDM_STATUS_CRYPTO_ERROR;
603 : }
604 :
605 6 : context->connection_info.peer_used_cert_chain[slot_id].buffer_hash_size =
606 3 : libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
607 :
608 : /*process the SPDM cert header and hash*/
609 3 : data = (const uint8_t *)data + sizeof(spdm_cert_chain_t) +
610 3 : libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
611 3 : data_size = data_size -
612 : (sizeof(spdm_cert_chain_t) +
613 3 : libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo));
614 :
615 : /* Get leaf cert from cert chain */
616 3 : status = libspdm_x509_get_cert_from_cert_chain(data, data_size, -1,
617 : &cert_buffer, &cert_buffer_size);
618 3 : if (!status) {
619 0 : return LIBSPDM_STATUS_CRYPTO_ERROR;
620 : }
621 :
622 3 : status = false;
623 : #if (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT)
624 3 : if (!status) {
625 3 : status = libspdm_rsa_get_public_key_from_x509(
626 : cert_buffer, cert_buffer_size,
627 3 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
628 : }
629 : #endif
630 : #if LIBSPDM_ECDSA_SUPPORT
631 3 : if (!status) {
632 3 : status = libspdm_ec_get_public_key_from_x509(
633 : cert_buffer, cert_buffer_size,
634 3 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
635 : }
636 : #endif
637 : #if (LIBSPDM_EDDSA_ED25519_SUPPORT) || (LIBSPDM_EDDSA_ED448_SUPPORT)
638 : if (!status) {
639 : status = libspdm_ecd_get_public_key_from_x509(
640 : cert_buffer, cert_buffer_size,
641 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
642 : }
643 : #endif
644 : #if LIBSPDM_SM2_DSA_SUPPORT
645 : if (!status) {
646 : status = libspdm_sm2_get_public_key_from_x509(
647 : cert_buffer, cert_buffer_size,
648 : &context->connection_info.peer_used_cert_chain[slot_id].leaf_cert_public_key);
649 : }
650 : #endif
651 3 : if (!status) {
652 0 : return LIBSPDM_STATUS_INVALID_CERT;
653 : }
654 : #else
655 : LIBSPDM_ASSERT (false);
656 : #endif /* LIBSPDM_CERT_PARSE_SUPPORT */
657 : #endif /* LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT */
658 3 : break;
659 0 : case LIBSPDM_DATA_PEER_PUBLIC_KEY:
660 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
661 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
662 : }
663 0 : context->local_context.peer_public_key_provision_size = data_size;
664 0 : context->local_context.peer_public_key_provision = data;
665 0 : break;
666 0 : case LIBSPDM_DATA_LOCAL_PUBLIC_KEY:
667 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
668 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
669 : }
670 0 : context->local_context.local_public_key_provision_size = data_size;
671 0 : context->local_context.local_public_key_provision = data;
672 0 : break;
673 0 : case LIBSPDM_DATA_MUT_AUTH_REQUESTED:
674 0 : if (data_size != sizeof(uint8_t)) {
675 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
676 : }
677 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
678 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
679 : }
680 0 : mut_auth_requested = *(const uint8_t *)data;
681 0 : if (((mut_auth_requested != 0) &&
682 : (mut_auth_requested !=
683 0 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED) &&
684 : (mut_auth_requested !=
685 0 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_ENCAP_REQUEST) &&
686 : (mut_auth_requested !=
687 : SPDM_KEY_EXCHANGE_RESPONSE_MUT_AUTH_REQUESTED_WITH_GET_DIGESTS))) {
688 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
689 : }
690 0 : context->encap_context.request_id = 0;
691 0 : slot_id = parameter->additional_data[0];
692 0 : if ((slot_id >= SPDM_MAX_SLOT_COUNT) && (slot_id != 0xFF)) {
693 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
694 : }
695 0 : context->encap_context.req_slot_id = slot_id;
696 0 : break;
697 0 : case LIBSPDM_DATA_HEARTBEAT_PERIOD:
698 0 : if (data_size != sizeof(uint8_t)) {
699 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
700 : }
701 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
702 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
703 : }
704 0 : context->local_context.heartbeat_period = *(const uint8_t *)data;
705 0 : break;
706 4 : case LIBSPDM_DATA_APP_CONTEXT_DATA:
707 4 : if (data_size != sizeof(void *) || *(void *const *)data == NULL) {
708 2 : return LIBSPDM_STATUS_INVALID_PARAMETER;
709 : }
710 2 : context->app_context_data_ptr = *(void *const *)data;
711 2 : break;
712 0 : case LIBSPDM_DATA_HANDLE_ERROR_RETURN_POLICY:
713 0 : if (data_size != sizeof(uint8_t)) {
714 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
715 : }
716 0 : context->handle_error_return_policy = *(const uint8_t *)data;
717 0 : break;
718 0 : case LIBSPDM_DATA_VCA_CACHE:
719 0 : if (data_size > sizeof(context->transcript.message_a.buffer)) {
720 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
721 : }
722 0 : context->transcript.message_a.buffer_size = data_size;
723 0 : libspdm_copy_mem(context->transcript.message_a.buffer,
724 : sizeof(context->transcript.message_a.buffer),
725 : data, data_size);
726 0 : break;
727 0 : case LIBSPDM_DATA_IS_REQUESTER:
728 0 : if (data_size != sizeof(bool)) {
729 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
730 : }
731 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_LOCAL) {
732 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
733 : }
734 0 : context->local_context.is_requester = *(const bool *)data;
735 0 : break;
736 0 : case LIBSPDM_DATA_REQUEST_RETRY_TIMES:
737 0 : if (data_size != sizeof(uint8_t)) {
738 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
739 : }
740 0 : context->retry_times = *(const uint8_t *)data;
741 0 : break;
742 0 : case LIBSPDM_DATA_REQUEST_RETRY_DELAY_TIME:
743 0 : if (data_size != sizeof(uint64_t)) {
744 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
745 : }
746 0 : context->retry_delay_time = *(const uint64_t *)data;
747 0 : break;
748 5 : case LIBSPDM_DATA_MAX_DHE_SESSION_COUNT:
749 5 : if (data_size != sizeof(uint32_t)) {
750 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
751 : }
752 5 : if (*(const uint32_t *)data > LIBSPDM_MAX_SESSION_COUNT - context->max_psk_session_count) {
753 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
754 : }
755 5 : context->max_dhe_session_count = *(const uint32_t *)data;
756 5 : break;
757 5 : case LIBSPDM_DATA_MAX_PSK_SESSION_COUNT:
758 5 : if (data_size != sizeof(uint32_t)) {
759 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
760 : }
761 5 : if (*(const uint32_t *)data > LIBSPDM_MAX_SESSION_COUNT - context->max_dhe_session_count) {
762 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
763 : }
764 5 : context->max_psk_session_count = *(const uint32_t *)data;
765 5 : break;
766 0 : case LIBSPDM_DATA_MAX_SPDM_SESSION_SEQUENCE_NUMBER:
767 0 : if (data_size != sizeof(uint64_t)) {
768 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
769 : }
770 0 : context->max_spdm_session_sequence_number = *(const uint64_t *)data;
771 0 : if (context->max_spdm_session_sequence_number == 0) {
772 0 : context->max_spdm_session_sequence_number = LIBSPDM_MAX_SPDM_SESSION_SEQUENCE_NUMBER;
773 : }
774 0 : break;
775 0 : case LIBSPDM_DATA_SPDM_VERSION_10_11_VERIFY_SIGNATURE_ENDIAN:
776 0 : if (data_size != sizeof(uint8_t)) {
777 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
778 : }
779 0 : if (*(const uint8_t*)data != LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_ONLY &&
780 0 : *(const uint8_t*)data != LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_LITTLE_ONLY &&
781 0 : *(const uint8_t*)data != LIBSPDM_SPDM_10_11_VERIFY_SIGNATURE_ENDIAN_BIG_OR_LITTLE) {
782 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
783 : }
784 0 : context->spdm_10_11_verify_signature_endian = *(const uint8_t*)data;
785 0 : break;
786 0 : case LIBSPDM_DATA_SEQUENCE_NUMBER_ENDIAN:
787 0 : if (data_size != sizeof(uint8_t)) {
788 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
789 : }
790 0 : context->sequence_number_endian = *(const uint8_t *)data;
791 0 : break;
792 0 : case LIBSPDM_DATA_MULTI_KEY_CONN_REQ:
793 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
794 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
795 : }
796 0 : if (data_size != sizeof(bool)) {
797 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
798 : }
799 0 : context->connection_info.multi_key_conn_req = *(const bool *)data;
800 0 : break;
801 0 : case LIBSPDM_DATA_MULTI_KEY_CONN_RSP:
802 0 : if (parameter->location != LIBSPDM_DATA_LOCATION_CONNECTION) {
803 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
804 : }
805 0 : if (data_size != sizeof(bool)) {
806 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
807 : }
808 0 : context->connection_info.multi_key_conn_rsp = *(const bool *)data;
809 0 : break;
810 0 : default:
811 0 : return LIBSPDM_STATUS_UNSUPPORTED_CAP;
812 : break;
813 : }
814 :
815 16 : return LIBSPDM_STATUS_SUCCESS;
816 : }
817 :
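/**
 * Copy one data item out of an SPDM context into a caller-supplied buffer.
 *
 * The item is selected by data_type. Most types also consult
 * parameter->location, and some read parameter->additional_data as a
 * session ID (session-scoped items) or as a slot ID (per-slot peer items).
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param data_type     Which item to read; must be below LIBSPDM_DATA_MAX.
 * @param parameter     Location selector. It may be NULL only for data types
 *                      that never read it; a type that needs a location is
 *                      rejected with LIBSPDM_STATUS_INVALID_PARAMETER instead
 *                      of dereferencing a NULL pointer.
 * @param data          Destination buffer.
 * @param data_size     On input, the capacity of data in bytes. On output,
 *                      the size of the item; this is also written when the
 *                      buffer is too small, so the caller can retry.
 *
 * @retval LIBSPDM_STATUS_SUCCESS            The item was copied to data.
 * @retval LIBSPDM_STATUS_INVALID_PARAMETER  A required pointer is NULL, the
 *                                           data type is out of range, the
 *                                           location does not fit the type, or
 *                                           the session or slot was not found.
 * @retval LIBSPDM_STATUS_UNSUPPORTED_CAP    The data type has no getter here.
 * @retval LIBSPDM_STATUS_BUFFER_TOO_SMALL   *data_size is smaller than the item.
 **/
libspdm_return_t libspdm_get_data(void *spdm_context, libspdm_data_type_t data_type,
                                  const libspdm_data_parameter_t *parameter,
                                  void *data, size_t *data_size)
{
    libspdm_context_t *context;
    libspdm_secured_message_context_t *secured_context = NULL;
    size_t target_data_size;
    void *target_data;
    uint32_t session_id;
    libspdm_session_info_t *session_info;
    size_t digest_size;
    size_t digest_count;
    uint8_t slot_id;
    size_t index;
    bool at_connection;
    bool at_local;

    if (spdm_context == NULL || data == NULL || data_size == NULL ||
        data_type >= LIBSPDM_DATA_MAX) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }

    context = spdm_context;

    /* parameter is a caller-supplied pointer that the argument check above
     * does not cover. Resolve the location once, treating a NULL parameter as
     * "no location", so every location test below is NULL-safe. */
    at_connection = (parameter != NULL) &&
                    (parameter->location == LIBSPDM_DATA_LOCATION_CONNECTION);
    at_local = (parameter != NULL) &&
               (parameter->location == LIBSPDM_DATA_LOCATION_LOCAL);

    if (data_type == LIBSPDM_DATA_SESSION_END_SESSION_ATTRIBUTES) {
        /* end_session_attributes is present in both a session context as well as an
         * spdm context. A failed session lookup is therefore not an error here: the
         * switch below falls back to the connection-wide value.
         * NOTE(review): additional_data is read as a session ID although this type
         * is only accepted with the CONNECTION location - confirm that callers fill
         * it in deliberately. */
        if (parameter == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        session_id = libspdm_read_uint32(parameter->additional_data);
        session_info = libspdm_get_session_info_via_session_id(context, session_id);
    } else if (need_session_info_for_data(data_type)) {
        if (parameter == NULL || parameter->location != LIBSPDM_DATA_LOCATION_SESSION) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        session_id = libspdm_read_uint32(parameter->additional_data);
        session_info = libspdm_get_session_info_via_session_id(context, session_id);
        if (session_info == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        secured_context = session_info->secured_message_context;
    } else {
        session_info = NULL;
    }

    switch (data_type) {
    case LIBSPDM_DATA_SPDM_VERSION:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_version_number_t);
        target_data = &(context->connection_info.version);
        break;
    case LIBSPDM_DATA_SESSION_SECURED_MESSAGE_VERSION:
        /* Session-scoped: do not rely on need_session_info_for_data() staying in
         * step with this switch; refuse rather than read through NULL. */
        if (secured_context == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_version_number_t);
        target_data = &(secured_context->secured_message_version);
        break;
    case LIBSPDM_DATA_CAPABILITY_FLAGS:
        target_data_size = sizeof(uint32_t);
        if (at_connection) {
            target_data = &context->connection_info.capability.flags;
        } else if (at_local) {
            target_data = &context->local_context.capability.flags;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_EXT_FLAGS:
        target_data_size = sizeof(uint16_t);
        if (at_connection) {
            target_data = &context->connection_info.capability.ext_flags;
        } else if (at_local) {
            target_data = &context->local_context.capability.ext_flags;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_CT_EXPONENT:
        target_data_size = sizeof(uint8_t);
        if (at_connection) {
            target_data = &context->connection_info.capability.ct_exponent;
        } else if (at_local) {
            target_data = &context->local_context.capability.ct_exponent;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_DATA_TRANSFER_SIZE:
        target_data_size = sizeof(uint32_t);
        if (at_connection) {
            target_data = &context->connection_info.capability.data_transfer_size;
        } else if (at_local) {
            target_data = &context->local_context.capability.data_transfer_size;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_MAX_SPDM_MSG_SIZE:
        target_data_size = sizeof(uint32_t);
        if (at_connection) {
            target_data = &context->connection_info.capability.max_spdm_msg_size;
        } else if (at_local) {
            target_data = &context->local_context.capability.max_spdm_msg_size;
        } else {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        break;
    case LIBSPDM_DATA_CAPABILITY_SENDER_DATA_TRANSFER_SIZE:
        /* Only the local value can be read; every other location, CONNECTION
         * included, is rejected. */
        if (!at_local) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->local_context.capability.sender_data_transfer_size;
        break;
    case LIBSPDM_DATA_MEASUREMENT_SPEC:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.algorithm.measurement_spec;
        break;
    case LIBSPDM_DATA_MEASUREMENT_HASH_ALGO:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.measurement_hash_algo;
        break;
    case LIBSPDM_DATA_BASE_ASYM_ALGO:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.base_asym_algo;
        break;
    case LIBSPDM_DATA_BASE_HASH_ALGO:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.base_hash_algo;
        break;
    case LIBSPDM_DATA_DHE_NAME_GROUP:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.dhe_named_group;
        break;
    case LIBSPDM_DATA_AEAD_CIPHER_SUITE:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.aead_cipher_suite;
        break;
    case LIBSPDM_DATA_REQ_BASE_ASYM_ALG:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.req_base_asym_alg;
        break;
    case LIBSPDM_DATA_KEY_SCHEDULE:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint16_t);
        target_data = &context->connection_info.algorithm.key_schedule;
        break;
    case LIBSPDM_DATA_OTHER_PARAMS_SUPPORT:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.algorithm.other_params_support;
        break;
    case LIBSPDM_DATA_MEL_SPEC:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.algorithm.mel_spec;
        break;
    case LIBSPDM_DATA_PQC_ASYM_ALGO:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.pqc_asym_algo;
        break;
    case LIBSPDM_DATA_REQ_PQC_ASYM_ALG:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.req_pqc_asym_alg;
        break;
    case LIBSPDM_DATA_KEM_ALG:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint32_t);
        target_data = &context->connection_info.algorithm.kem_alg;
        break;
    case LIBSPDM_DATA_CONNECTION_STATE:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(libspdm_connection_state_t);
        target_data = &context->connection_info.connection_state;
        break;
    case LIBSPDM_DATA_RESPONSE_STATE:
        target_data_size = sizeof(libspdm_response_state_t);
        target_data = &context->response_state;
        break;
    case LIBSPDM_DATA_PEER_PROVISIONED_SLOT_MASK:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.peer_provisioned_slot_mask;
        break;
    case LIBSPDM_DATA_PEER_SUPPORTED_SLOT_MASK:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &context->connection_info.peer_supported_slot_mask;
        break;
    case LIBSPDM_DATA_PEER_TOTAL_DIGEST_BUFFER:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        /* One digest per bit set in the provisioned-slot mask. */
        digest_count = 0;
        for (index = 0; index < SPDM_MAX_SLOT_COUNT; index++) {
            if (context->connection_info.peer_provisioned_slot_mask & (1 << index)) {
                digest_count++;
            }
        }
        digest_size = libspdm_get_hash_size(context->connection_info.algorithm.base_hash_algo);
        /* NOTE(review): assumes peer_total_digest_buffer can hold
         * SPDM_MAX_SLOT_COUNT digests of the negotiated hash size - confirm
         * against its declaration. */
        target_data_size = digest_size * digest_count;
        target_data = context->connection_info.peer_total_digest_buffer;
        break;
    case LIBSPDM_DATA_PEER_KEY_PAIR_ID:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        /* The slot ID is caller-controlled; bound it before indexing. */
        slot_id = parameter->additional_data[0];
        if (slot_id >= SPDM_MAX_SLOT_COUNT) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_key_pair_id_t);
        target_data = &context->connection_info.peer_key_pair_id[slot_id];
        break;
    case LIBSPDM_DATA_PEER_CERT_INFO:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        slot_id = parameter->additional_data[0];
        if (slot_id >= SPDM_MAX_SLOT_COUNT) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_certificate_info_t);
        target_data = &context->connection_info.peer_cert_info[slot_id];
        break;
    case LIBSPDM_DATA_PEER_KEY_USAGE_BIT_MASK:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        slot_id = parameter->additional_data[0];
        if (slot_id >= SPDM_MAX_SLOT_COUNT) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(spdm_key_usage_bit_mask_t);
        target_data = &context->connection_info.peer_key_usage_bit_mask[slot_id];
        break;
    case LIBSPDM_DATA_SESSION_USE_PSK:
        if (session_info == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(bool);
        target_data = &session_info->use_psk;
        break;
    case LIBSPDM_DATA_SESSION_MUT_AUTH_REQUESTED:
        if (session_info == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &session_info->mut_auth_requested;
        break;
    case LIBSPDM_DATA_SESSION_END_SESSION_ATTRIBUTES:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        /* session_info comes from the lookup before the switch; NULL means no
         * session matched, so the connection-wide value is returned. */
        if (session_info == NULL) {
            target_data = &context->connection_info.end_session_attributes;
        } else {
            target_data = &session_info->end_session_attributes;
        }
        break;
    case LIBSPDM_DATA_SESSION_POLICY:
        if (session_info == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &session_info->session_policy;
        break;
    case LIBSPDM_DATA_APP_CONTEXT_DATA:
        /* Copies out the stored pointer value itself, not the memory it refers to. */
        target_data_size = sizeof(void *);
        target_data = &context->app_context_data_ptr;
        break;
    case LIBSPDM_DATA_HANDLE_ERROR_RETURN_POLICY:
        target_data_size = sizeof(uint8_t);
        target_data = &context->handle_error_return_policy;
        break;
    case LIBSPDM_DATA_MAX_DHE_SESSION_COUNT:
        target_data_size = sizeof(uint32_t);
        target_data = &context->max_dhe_session_count;
        break;
    case LIBSPDM_DATA_MAX_PSK_SESSION_COUNT:
        target_data_size = sizeof(uint32_t);
        target_data = &context->max_psk_session_count;
        break;
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_REQ_DIR:
        if (secured_context == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint64_t);
        target_data = &secured_context->application_secret.request_data_sequence_number;
        break;
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_RSP_DIR:
        if (secured_context == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint64_t);
        target_data = &secured_context->application_secret.response_data_sequence_number;
        break;
    case LIBSPDM_DATA_MAX_SPDM_SESSION_SEQUENCE_NUMBER:
        target_data_size = sizeof(uint64_t);
        target_data = &context->max_spdm_session_sequence_number;
        break;
    case LIBSPDM_DATA_VCA_CACHE:
        target_data_size = context->transcript.message_a.buffer_size;
        target_data = context->transcript.message_a.buffer;
        break;
    case LIBSPDM_DATA_REQUEST_AND_SIZE:
        /* NOTE(review): relies on last_spdm_request_size never exceeding the
         * last_spdm_request storage; that invariant is kept by the code that
         * records the request, which is not visible here. */
        target_data_size = context->last_spdm_request_size;
        target_data = context->last_spdm_request;
        break;
    case LIBSPDM_DATA_SPDM_VERSION_10_11_VERIFY_SIGNATURE_ENDIAN:
        target_data_size = sizeof(uint8_t);
        target_data = &context->spdm_10_11_verify_signature_endian;
        break;
    case LIBSPDM_DATA_SEQUENCE_NUMBER_ENDIAN:
        target_data_size = sizeof(uint8_t);
        target_data = &context->sequence_number_endian;
        break;
    case LIBSPDM_DATA_SESSION_SEQUENCE_NUMBER_ENDIAN:
        if (secured_context == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(uint8_t);
        target_data = &secured_context->sequence_number_endian;
        break;
    case LIBSPDM_DATA_MULTI_KEY_CONN_REQ:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(bool);
        target_data = &context->connection_info.multi_key_conn_req;
        break;
    case LIBSPDM_DATA_MULTI_KEY_CONN_RSP:
        if (!at_connection) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }
        target_data_size = sizeof(bool);
        target_data = &context->connection_info.multi_key_conn_rsp;
        break;
    default:
        return LIBSPDM_STATUS_UNSUPPORTED_CAP;
    }

    /* The capacity check comes before the copy, and the required size is
     * reported back so the caller can retry with a large enough buffer. */
    if (*data_size < target_data_size) {
        *data_size = target_data_size;
        return LIBSPDM_STATUS_BUFFER_TOO_SMALL;
    }
    libspdm_copy_mem(data, *data_size, target_data, target_data_size);
    *data_size = target_data_size;

    return LIBSPDM_STATUS_SUCCESS;
}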
1193 :
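#if LIBSPDM_CHECK_SPDM_CONTEXT
/**
 * Check that the locally configured capability sizes are mutually consistent.
 *
 * The rules are tested in order and the first violated one is logged at
 * LIBSPDM_DEBUG_ERROR before the function returns false:
 *  - data_transfer_size and sender_data_transfer_size must each be at least
 *    SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12;
 *  - max_spdm_msg_size must be at least data_transfer_size and at least
 *    sender_data_transfer_size;
 *  - when the local CHUNK_CAP flag is set, every provisioned local certificate
 *    chain plus a spdm_certificate_response_t header must fit in
 *    max_spdm_msg_size.
 *
 * @param spdm_context  A pointer to the SPDM context. It is dereferenced
 *                      without a NULL check, so it must be valid.
 *
 * @retval true   All checks passed.
 * @retval false  At least one check failed.
 **/
bool libspdm_check_context (void *spdm_context)
{
    libspdm_context_t *context;
    size_t index;
    size_t cert_chain_size;
    size_t max_msg_size;
    const size_t cert_header_size = sizeof(spdm_certificate_response_t);

    context = spdm_context;

    if (context->local_context.capability.data_transfer_size <
        SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "data_transfer_size must be greater than or equal "
                       "to SPDM_MIN_DATA_TRANSFER_SIZE (%d).\n",
                       SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12));
        return false;
    }

    if (context->local_context.capability.max_spdm_msg_size <
        context->local_context.capability.data_transfer_size) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "max_spdm_msg_size (%d) must be greater than or "
                       "equal to data_transfer_size (%d).\n",
                       context->local_context.capability.max_spdm_msg_size,
                       context->local_context.capability.data_transfer_size));
        return false;
    }

    if (context->local_context.capability.sender_data_transfer_size <
        SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "sender_data_transfer_size must be greater than or equal "
                       "to %d.\n", SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12));
        return false;
    }

    if (context->local_context.capability.max_spdm_msg_size <
        context->local_context.capability.sender_data_transfer_size) {
        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                       "max_spdm_msg_size (%d) must be greater than or "
                       "equal to sender_data_transfer_size (%d).\n",
                       context->local_context.capability.max_spdm_msg_size,
                       context->local_context.capability.sender_data_transfer_size));
        return false;
    }

    if (((context->local_context.capability.flags &
          SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_CHUNK_CAP) != 0) &&
        (context->local_context.capability.max_spdm_msg_size != 0)) {
        max_msg_size = context->local_context.capability.max_spdm_msg_size;
        for (index = 0; index < SPDM_MAX_SLOT_COUNT; index++) {
            cert_chain_size = context->local_context.local_cert_chain_provision_size[index];
            /* Same test as "chain + header > max", rearranged so the addition
             * cannot wrap around and let an oversized chain pass the check. */
            if ((cert_chain_size != 0) &&
                ((max_msg_size < cert_header_size) ||
                 (cert_chain_size > max_msg_size - cert_header_size))) {
                LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR,
                               "max_spdm_msg_size (%d) must be greater than or "
                               "equal to local_cert_chain_provision_size[%zu] (%zu).\n",
                               context->local_context.capability.max_spdm_msg_size, index,
                               context->local_context.local_cert_chain_provision_size[index]));
                return false;
            }
        }
    }

    return true;
}
#endif /* LIBSPDM_CHECK_SPDM_CONTEXT */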
1260 :
/**
 * Reset the message A managed buffer kept in the SPDM context transcript.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 **/
void libspdm_reset_message_a(libspdm_context_t *spdm_context)
{
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_a));
}
1270 :
/**
 * Reset the message D managed buffer kept in the SPDM context transcript.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 **/
void libspdm_reset_message_d(libspdm_context_t *spdm_context)
{
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_d));
}
1280 :
/**
 * Reset the message B transcript state in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the message B managed buffer is
 * reset. Otherwise the M1/M2 hash context, if one exists, is released with
 * libspdm_hash_free() and its pointer is cleared so it cannot be reused.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 **/
void libspdm_reset_message_b(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_b));
#else
    /* Nothing to release when no digest context has been created. */
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
#endif
}
1298 :
/**
 * Reset the message C transcript state in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the message C managed buffer is
 * reset. Otherwise the M1/M2 hash context, if one exists, is released with
 * libspdm_hash_free() and its pointer is cleared so it cannot be reused.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 **/
void libspdm_reset_message_c(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_c));
#else
    /* Nothing to release when no digest context has been created. */
    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
#endif
}
1316 :
/**
 * Reset the message MutB transcript state in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the message MutB managed buffer
 * is reset. Otherwise the mutual M1/M2 hash context, if one exists, is released
 * with libspdm_hash_free() and its pointer is cleared so it cannot be reused.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 **/
void libspdm_reset_message_mut_b(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_mut_b));
#else
    /* Nothing to release when no digest context has been created. */
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
#endif
}
1334 :
/**
 * Reset the message MutC transcript state in the SPDM context.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the message MutC managed buffer
 * is reset. Otherwise the mutual M1/M2 hash context, if one exists, is released
 * with libspdm_hash_free() and its pointer is cleared so it cannot be reused.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 **/
void libspdm_reset_message_mut_c(libspdm_context_t *spdm_context)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&(spdm_context->transcript.message_mut_c));
#else
    /* Nothing to release when no digest context has been created. */
    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        return;
    }
    libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                      spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
#endif
}
1352 :
/**
 * Reset the message M transcript state.
 *
 * A NULL session_info selects the state held in the SPDM context; a non-NULL
 * one selects the state of that session. With
 * LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the selected message M managed buffer
 * is reset. Otherwise the selected L1/L2 hash context, if one exists, is
 * released with libspdm_hash_free() and its pointer is cleared.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 * @param session_info  A pointer to the SPDM session context, or NULL.
 **/
void libspdm_reset_message_m(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (session != NULL) {
        libspdm_reset_managed_buffer(&(session->session_transcript.message_m));
    } else {
        libspdm_reset_managed_buffer(&(spdm_context->transcript.message_m));
    }
#else
    if (session != NULL) {
        /* Session-scoped digest; the hash algorithm is still the connection's. */
        if (session->session_transcript.digest_context_l1l2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              session->session_transcript.digest_context_l1l2);
            session->session_transcript.digest_context_l1l2 = NULL;
        }
        return;
    }

    if (spdm_context->transcript.digest_context_l1l2 != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          spdm_context->transcript.digest_context_l1l2);
        spdm_context->transcript.digest_context_l1l2 = NULL;
    }
#endif
}
1388 :
/**
 * Reset the message K transcript state of a session.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the session's message K managed
 * buffer is reset. Otherwise the session's TH hash context and its backup are
 * each released with libspdm_hash_free(), when present, and their pointers are
 * cleared.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 * @param session_info  A pointer to the SPDM session context. It is
 *                      dereferenced without a NULL check, so it must be valid.
 **/
void libspdm_reset_message_k(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&(session->session_transcript.message_k));
#else
    if (session->session_transcript.digest_context_th != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          session->session_transcript.digest_context_th);
        session->session_transcript.digest_context_th = NULL;
    }

    if (session->session_transcript.digest_context_th_backup != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          session->session_transcript.digest_context_th_backup);
        session->session_transcript.digest_context_th_backup = NULL;
    }
#endif
}
1417 :
/**
 * Reset the message EncapD managed buffer of a session.
 *
 * @param spdm_context  A pointer to the SPDM context; not read by this function.
 * @param session_info  A pointer to the SPDM session context. It is
 *                      dereferenced without a NULL check, so it must be valid.
 **/
void libspdm_reset_message_encap_d(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

    libspdm_reset_managed_buffer(&(session->session_transcript.message_encap_d));
}
1431 :
/**
 * Reset the message F transcript state of a session.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the session's message F managed
 * buffer is reset. Otherwise, when a TH hash context exists, it is released
 * with libspdm_hash_free(), the backup context is moved into its place and the
 * backup pointer is cleared; when no TH context exists the backup is left
 * untouched. In both sub-cases message_f_initialized is set to false.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 * @param session_info  A pointer to the SPDM session context. It is
 *                      dereferenced without a NULL check, so it must be valid.
 **/
void libspdm_reset_message_f(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    libspdm_reset_managed_buffer(&(session->session_transcript.message_f));
#else
    if (session->session_transcript.digest_context_th != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          session->session_transcript.digest_context_th);
        /* Hand ownership of the backup to the primary slot and drop the backup
         * pointer, so the same context is never referenced from both. */
        session->session_transcript.digest_context_th =
            session->session_transcript.digest_context_th_backup;
        session->session_transcript.digest_context_th_backup = NULL;
    }
    session->session_transcript.message_f_initialized = false;
#endif
}
1458 :
/**
 * Reset the message E transcript state.
 *
 * A NULL session_info selects the state held in the SPDM context; a non-NULL
 * one selects the state of that session. With
 * LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the selected message E managed buffer
 * is reset. Otherwise the selected IL1/IL2 hash context, if one exists, is
 * released with libspdm_hash_free() and its pointer is cleared.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 * @param session_info  A pointer to the SPDM session context, or NULL.
 **/
void libspdm_reset_message_e(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (session != NULL) {
        libspdm_reset_managed_buffer(&(session->session_transcript.message_e));
    } else {
        libspdm_reset_managed_buffer(&(spdm_context->transcript.message_e));
    }
#else
    if (session != NULL) {
        /* Session-scoped digest; the hash algorithm is still the connection's. */
        if (session->session_transcript.digest_context_il1il2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              session->session_transcript.digest_context_il1il2);
            session->session_transcript.digest_context_il1il2 = NULL;
        }
        return;
    }

    if (spdm_context->transcript.digest_context_il1il2 != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          spdm_context->transcript.digest_context_il1il2);
        spdm_context->transcript.digest_context_il1il2 = NULL;
    }
#endif
}
1494 :
/**
 * Reset the message encap E transcript state.
 *
 * A NULL session_info selects the state held in the SPDM context; a non-NULL
 * one selects the state of that session. With
 * LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the selected message encap E managed
 * buffer is reset. Otherwise the selected encap IL1/IL2 hash context, if one
 * exists, is released with libspdm_hash_free() and its pointer is cleared.
 *
 * @param spdm_context  A pointer to the SPDM context; must not be NULL.
 * @param session_info  A pointer to the SPDM session context, or NULL.
 **/
void libspdm_reset_message_encap_e(libspdm_context_t *spdm_context, void *session_info)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (session != NULL) {
        libspdm_reset_managed_buffer(&(session->session_transcript.message_encap_e));
    } else {
        libspdm_reset_managed_buffer(&(spdm_context->transcript.message_encap_e));
    }
#else
    if (session != NULL) {
        /* Session-scoped digest; the hash algorithm is still the connection's. */
        if (session->session_transcript.digest_context_encap_il1il2 != NULL) {
            libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                              session->session_transcript.digest_context_encap_il1il2);
            session->session_transcript.digest_context_encap_il1il2 = NULL;
        }
        return;
    }

    if (spdm_context->transcript.digest_context_encap_il1il2 != NULL) {
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          spdm_context->transcript.digest_context_encap_il1il2);
        spdm_context->transcript.digest_context_encap_il1il2 = NULL;
    }
#endif
}
1530 :
/**
 * Reset the transcript caches that an incoming request code invalidates.
 *
 * @param context       A pointer to the SPDM context.
 * @param session_info  A pointer to the SPDM session context; forwarded to the
 *                      per-message reset helpers that take one.
 * @param request_code  The SPDM request code.
 */
void libspdm_reset_message_buffer_via_request_code(void *context, void *session_info,
                                                   uint8_t request_code)
{
    libspdm_context_t *spdm_context = context;
    /* True while the connection has not reached the AUTHENTICATED state. */
    const bool not_authenticated =
        spdm_context->connection_info.connection_state <
        LIBSPDM_CONNECTION_STATE_AUTHENTICATED;

    /* L1/L2 only survives across consecutive GET_MEASUREMENTS requests. */
    if (request_code != SPDM_GET_MEASUREMENTS) {
        libspdm_reset_message_m(spdm_context, session_info);
    }

    switch (request_code) {
    case SPDM_KEY_EXCHANGE:
    case SPDM_GET_MEASUREMENTS:
    case SPDM_FINISH:
    case SPDM_PSK_EXCHANGE:
    case SPDM_PSK_FINISH:
    case SPDM_KEY_UPDATE:
    case SPDM_HEARTBEAT:
    case SPDM_GET_ENCAPSULATED_REQUEST:
    case SPDM_END_SESSION:
    case SPDM_GET_MEASUREMENT_EXTENSION_LOG:
    case SPDM_DELIVER_ENCAPSULATED_RESPONSE:
        /* The Requester moved on without completing CHALLENGE, so the M1/M2
         * transcript is reset to null. */
        if (not_authenticated) {
            libspdm_reset_message_b(spdm_context);
            libspdm_reset_message_c(spdm_context);
            /* DELIVER_ENCAPSULATED_RESPONSE leaves the mut_b / mut_c transcript
             * untouched; every other code in this group resets it as well. */
            if (request_code != SPDM_DELIVER_ENCAPSULATED_RESPONSE) {
                libspdm_reset_message_mut_b(spdm_context);
                libspdm_reset_message_mut_c(spdm_context);
            }
        }
        break;
    case SPDM_GET_DIGESTS:
        /* Unconditional: message B is reset whatever the connection state. */
        libspdm_reset_message_b(spdm_context);
        break;
    case SPDM_GET_ENDPOINT_INFO:
        libspdm_reset_message_e(spdm_context, session_info);
        libspdm_reset_message_encap_e(spdm_context, session_info);
        break;
    default:
        break;
    }
}
1593 :
/**
 * Append a message to the message A buffer of the SPDM context.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return The status reported by libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_a(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
    libspdm_return_t status;

    status = libspdm_append_managed_buffer(&spdm_context->transcript.message_a,
                                           message, message_size);
    return status;
}
1600 :
/**
 * Append a message to the message D buffer of the SPDM context.
 *
 * Only the first message D after VCA in a connection is recorded; once the
 * buffer is non-empty, later calls succeed without changing it.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return LIBSPDM_STATUS_SUCCESS when message D was already recorded, otherwise
 *         the status reported by libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_d(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
    const size_t recorded_size =
        libspdm_get_managed_buffer_size(&spdm_context->transcript.message_d);

    if (recorded_size == 0) {
        return libspdm_append_managed_buffer(&spdm_context->transcript.message_d,
                                             message, message_size);
    }

    /* A message D is already recorded: ignore this one. */
    return LIBSPDM_STATUS_SUCCESS;
}
1611 :
/**
 * Append a message to the message B part of the M1/M2 transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are stored in message_b.
 * Otherwise they are folded into the running digest_context_m1m2, which is
 * created on first use and seeded with message_a.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return LIBSPDM_STATUS_SUCCESS, LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails, or the managed-buffer status in recording builds.
 **/
libspdm_return_t libspdm_append_message_b(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_b,
                                         message, message_size);
#else
    const uint32_t hash_algo = spdm_context->connection_info.algorithm.base_hash_algo;

    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        /* First contribution: create the running digest and seed it with message_a. */
        spdm_context->transcript.digest_context_m1m2 = libspdm_hash_new(hash_algo);
        if (spdm_context->transcript.digest_context_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(hash_algo, spdm_context->transcript.digest_context_m1m2)) {
            goto discard_digest;
        }
        if (!libspdm_hash_update(
                hash_algo, spdm_context->transcript.digest_context_m1m2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
            goto discard_digest;
        }
    }

    if (!libspdm_hash_update(hash_algo, spdm_context->transcript.digest_context_m1m2,
                             message, message_size)) {
        goto discard_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_digest:
    /* A partially updated digest is never kept: free it and clear the handle. */
    libspdm_hash_free(hash_algo, spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1664 :
/**
 * Append a message to the message C part of the M1/M2 transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are stored in message_c.
 * Otherwise they are folded into the running digest_context_m1m2 (the same
 * digest libspdm_append_message_b updates), which is created on first use and
 * seeded with message_a.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return LIBSPDM_STATUS_SUCCESS, LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails, or the managed-buffer status in recording builds.
 **/
libspdm_return_t libspdm_append_message_c(libspdm_context_t *spdm_context, const void *message,
                                          size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_c,
                                         message, message_size);
#else
    const uint32_t hash_algo = spdm_context->connection_info.algorithm.base_hash_algo;

    if (spdm_context->transcript.digest_context_m1m2 == NULL) {
        /* No B message was hashed yet: create the digest and seed it with message_a. */
        spdm_context->transcript.digest_context_m1m2 = libspdm_hash_new(hash_algo);
        if (spdm_context->transcript.digest_context_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(hash_algo, spdm_context->transcript.digest_context_m1m2)) {
            goto discard_digest;
        }
        if (!libspdm_hash_update(
                hash_algo, spdm_context->transcript.digest_context_m1m2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
            goto discard_digest;
        }
    }

    if (!libspdm_hash_update(hash_algo, spdm_context->transcript.digest_context_m1m2,
                             message, message_size)) {
        goto discard_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_digest:
    /* A partially updated digest is never kept: free it and clear the handle. */
    libspdm_hash_free(hash_algo, spdm_context->transcript.digest_context_m1m2);
    spdm_context->transcript.digest_context_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1717 :
/**
 * Append a message to the mut B part of the mutual-authentication M1/M2 transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are stored in message_mut_b.
 * Otherwise they are folded into the running digest_context_mut_m1m2, which is
 * created on first use and, for negotiated versions above 1.1, seeded with message_a.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return LIBSPDM_STATUS_SUCCESS, LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails, or the managed-buffer status in recording builds.
 **/
libspdm_return_t libspdm_append_message_mut_b(libspdm_context_t *spdm_context, const void *message,
                                              size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_mut_b,
                                         message, message_size);
#else
    const uint32_t hash_algo = spdm_context->connection_info.algorithm.base_hash_algo;

    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        spdm_context->transcript.digest_context_mut_m1m2 = libspdm_hash_new(hash_algo);
        if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(hash_algo, spdm_context->transcript.digest_context_mut_m1m2)) {
            goto discard_digest;
        }
        /* From SPDM 1.2 on, VCA (message_a) is part of this transcript. */
        if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
            SPDM_MESSAGE_VERSION_11) {
            if (!libspdm_hash_update(
                    hash_algo, spdm_context->transcript.digest_context_mut_m1m2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto discard_digest;
            }
        }
    }

    if (!libspdm_hash_update(hash_algo, spdm_context->transcript.digest_context_mut_m1m2,
                             message, message_size)) {
        goto discard_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_digest:
    /* A partially updated digest is never kept: free it and clear the handle. */
    libspdm_hash_free(hash_algo, spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1775 :
/**
 * Append a message to the mut C part of the mutual-authentication M1/M2 transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are stored in message_mut_c.
 * Otherwise they are folded into the running digest_context_mut_m1m2 (shared with
 * libspdm_append_message_mut_b), which is created on first use and, for negotiated
 * versions above 1.1, seeded with message_a.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return LIBSPDM_STATUS_SUCCESS, LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails, or the managed-buffer status in recording builds.
 **/
libspdm_return_t libspdm_append_message_mut_c(libspdm_context_t *spdm_context, const void *message,
                                              size_t message_size)
{
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_mut_c,
                                         message, message_size);
#else
    const uint32_t hash_algo = spdm_context->connection_info.algorithm.base_hash_algo;

    if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
        spdm_context->transcript.digest_context_mut_m1m2 = libspdm_hash_new(hash_algo);
        if (spdm_context->transcript.digest_context_mut_m1m2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(hash_algo, spdm_context->transcript.digest_context_mut_m1m2)) {
            goto discard_digest;
        }
        /* From SPDM 1.2 on, VCA (message_a) is part of this transcript. */
        if ((spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
            SPDM_MESSAGE_VERSION_11) {
            if (!libspdm_hash_update(
                    hash_algo, spdm_context->transcript.digest_context_mut_m1m2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto discard_digest;
            }
        }
    }

    if (!libspdm_hash_update(hash_algo, spdm_context->transcript.digest_context_mut_m1m2,
                             message, message_size)) {
        goto discard_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_digest:
    /* A partially updated digest is never kept: free it and clear the handle. */
    libspdm_hash_free(hash_algo, spdm_context->transcript.digest_context_mut_m1m2);
    spdm_context->transcript.digest_context_mut_m1m2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1833 :
/**
 * Append a message to the L1/L2 (message M) transcript.
 *
 * A NULL session_info selects the transcript held in the SPDM context; a non-NULL
 * one selects the transcript of that session. With
 * LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are stored in message_m.
 * Otherwise they are folded into the selected digest_context_l1l2, which is
 * created on first use and, for negotiated versions above 1.1, seeded with message_a.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param session_info  A pointer to the SPDM session context, or NULL.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return LIBSPDM_STATUS_SUCCESS, LIBSPDM_STATUS_CRYPTO_ERROR when a hash
 *         operation fails, or the managed-buffer status in recording builds.
 **/
libspdm_return_t libspdm_append_message_m(libspdm_context_t *spdm_context, void *session_info,
                                          const void *message, size_t message_size)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (session != NULL) {
        return libspdm_append_managed_buffer(&session->session_transcript.message_m,
                                             message, message_size);
    }
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_m,
                                         message, message_size);
#else
    const uint32_t hash_algo = spdm_context->connection_info.algorithm.base_hash_algo;
    /* From SPDM 1.2 on, VCA (message_a) is part of the L1/L2 transcript. */
    const bool include_vca =
        (spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >
        SPDM_MESSAGE_VERSION_11;

    if (session == NULL) {
        if (spdm_context->transcript.digest_context_l1l2 == NULL) {
            spdm_context->transcript.digest_context_l1l2 = libspdm_hash_new(hash_algo);
            if (spdm_context->transcript.digest_context_l1l2 == NULL) {
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            if (!libspdm_hash_init(hash_algo, spdm_context->transcript.digest_context_l1l2)) {
                goto discard_connection_digest;
            }
            if (include_vca &&
                !libspdm_hash_update(
                    hash_algo, spdm_context->transcript.digest_context_l1l2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto discard_connection_digest;
            }
        }
        if (!libspdm_hash_update(hash_algo, spdm_context->transcript.digest_context_l1l2,
                                 message, message_size)) {
            goto discard_connection_digest;
        }
        return LIBSPDM_STATUS_SUCCESS;
    }

    if (session->session_transcript.digest_context_l1l2 == NULL) {
        session->session_transcript.digest_context_l1l2 = libspdm_hash_new(hash_algo);
        if (session->session_transcript.digest_context_l1l2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init(hash_algo, session->session_transcript.digest_context_l1l2)) {
            goto discard_session_digest;
        }
        /* message_a always comes from the connection-level transcript. */
        if (include_vca &&
            !libspdm_hash_update(
                hash_algo, session->session_transcript.digest_context_l1l2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
            goto discard_session_digest;
        }
    }
    if (!libspdm_hash_update(hash_algo, session->session_transcript.digest_context_l1l2,
                             message, message_size)) {
        goto discard_session_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

discard_connection_digest:
    /* A partially updated digest is never kept: free it and clear the handle. */
    libspdm_hash_free(hash_algo, spdm_context->transcript.digest_context_l1l2);
    spdm_context->transcript.digest_context_l1l2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;

discard_session_digest:
    libspdm_hash_free(hash_algo, session->session_transcript.digest_context_l1l2);
    session->session_transcript.digest_context_l1l2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
1945 :
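/**
 * Append a message to the TH (message K) transcript of a session.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are stored in the session's
 * message_k buffer. Otherwise they are folded into the session's digest_context_th,
 * which is created on first use and seeded, in this order, with message_a, then (for
 * non-PSK sessions) message_d when multi_key_conn_rsp is set, then the hash of the
 * certificate chain or raw public key.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param session_info  A pointer to the SPDM session context; dereferenced
 *                      unconditionally, so it must not be NULL.
 * @param is_requester  true: bind the peer's certificate chain / public key;
 *                      false: bind the local one.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return LIBSPDM_STATUS_SUCCESS on success,
 *         LIBSPDM_STATUS_INVALID_STATE_PEER / LIBSPDM_STATUS_INVALID_STATE_LOCAL when the
 *         raw public key buffer cannot be obtained,
 *         LIBSPDM_STATUS_CRYPTO_ERROR when a hash operation fails.
 **/
libspdm_return_t libspdm_append_message_k(libspdm_context_t *spdm_context,
                                          void *session_info,
                                          bool is_requester, const void *message,
                                          size_t message_size)
{
    libspdm_session_info_t *spdm_session_info;

    spdm_session_info = session_info;
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(
        &spdm_session_info->session_transcript.message_k, message,
        message_size);
#else
    {
        uint8_t *cert_chain_buffer;
        size_t cert_chain_buffer_size;
        bool result;
        uint8_t cert_chain_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
        uint32_t hash_size;
        uint8_t slot_id;

        hash_size = libspdm_get_hash_size(spdm_context->connection_info.algorithm.base_hash_algo);

        /* First use of a non-PSK session: compute the certificate / public key hash
         * that is bound into TH below. */
        if (spdm_session_info->session_transcript.digest_context_th == NULL) {
            if (!spdm_session_info->use_psk) {
                if (is_requester) {
                    slot_id = spdm_session_info->peer_used_cert_chain_slot_id;
                    /* NOTE(review): slot_id is range-checked only by LIBSPDM_ASSERT; if
                     * that macro is compiled out in a build, an out-of-range value would
                     * index peer_used_cert_chain below. Confirm it is validated where it
                     * is stored. */
                    LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                    if (slot_id == 0xFF) {
                        /* Slot 0xFF: hash the peer's raw public key buffer instead of a
                         * certificate chain. */
                        result = libspdm_get_peer_public_key_buffer(
                            spdm_context, (const void **)&cert_chain_buffer,
                            &cert_chain_buffer_size);
                        if (!result) {
                            return LIBSPDM_STATUS_INVALID_STATE_PEER;
                        }

                        result = libspdm_hash_all(
                            spdm_context->connection_info.algorithm.base_hash_algo,
                            cert_chain_buffer, cert_chain_buffer_size,
                            cert_chain_buffer_hash);
                        if (!result) {
                            return LIBSPDM_STATUS_CRYPTO_ERROR;
                        }
                    } else {
                        /* The peer chain hash is already cached per slot; reuse it. */
                        LIBSPDM_ASSERT(
                            hash_size ==
                            spdm_context->connection_info
                            .peer_used_cert_chain[slot_id].buffer_hash_size);

                        libspdm_copy_mem(cert_chain_buffer_hash,
                                         sizeof(cert_chain_buffer_hash),
                                         spdm_context->connection_info
                                         .peer_used_cert_chain[slot_id].buffer_hash,
                                         hash_size);
                    }
                } else {
                    slot_id = spdm_session_info->local_used_cert_chain_slot_id;
                    LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                    if (slot_id == 0xFF) {
                        result = libspdm_get_local_public_key_buffer(
                            spdm_context, (const void **)&cert_chain_buffer,
                            &cert_chain_buffer_size);
                        if (!result) {
                            return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
                        }
                    } else {
                        /* NOTE(review): no result of this call is checked here, so the
                         * hash below relies on it always filling both outputs - confirm. */
                        libspdm_get_local_cert_chain_buffer(
                            spdm_context, slot_id, (const void **)&cert_chain_buffer,
                            &cert_chain_buffer_size);
                    }

                    result = libspdm_hash_all(
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        cert_chain_buffer, cert_chain_buffer_size,
                        cert_chain_buffer_hash);
                    if (!result) {
                        return LIBSPDM_STATUS_CRYPTO_ERROR;
                    }
                }
            }
        }

        /* prepare digest_context_th */
        if (spdm_session_info->session_transcript.digest_context_th == NULL) {
            spdm_session_info->session_transcript.digest_context_th = libspdm_hash_new(
                spdm_context->connection_info.algorithm.base_hash_algo);
            if (spdm_session_info->session_transcript.digest_context_th == NULL) {
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            result = libspdm_hash_init(spdm_context->connection_info.algorithm.base_hash_algo,
                                       spdm_session_info->session_transcript.digest_context_th);
            if (!result) {
                goto discard_th;
            }
            result = libspdm_hash_update(
                spdm_context->connection_info.algorithm.base_hash_algo,
                spdm_session_info->session_transcript.digest_context_th,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a));
            if (!result) {
                goto discard_th;
            }
            if (!spdm_session_info->use_psk) {
                if (spdm_context->connection_info.multi_key_conn_rsp) {
                    result = libspdm_hash_update(
                        spdm_context->connection_info.algorithm.base_hash_algo,
                        spdm_session_info->session_transcript.digest_context_th,
                        libspdm_get_managed_buffer(&spdm_context->transcript.message_d),
                        libspdm_get_managed_buffer_size(&spdm_context->transcript.message_d));
                    if (!result) {
                        goto discard_th;
                    }
                }

                result = libspdm_hash_update(
                    spdm_context->connection_info.algorithm.base_hash_algo,
                    spdm_session_info->session_transcript.digest_context_th,
                    cert_chain_buffer_hash, hash_size);
                if (!result) {
                    goto discard_th;
                }
            }
        }
        result = libspdm_hash_update(spdm_context->connection_info.algorithm.base_hash_algo,
                                     spdm_session_info->session_transcript.digest_context_th,
                                     message,
                                     message_size);
        if (!result) {
            goto discard_th;
        }
        return LIBSPDM_STATUS_SUCCESS;

discard_th:
        /* Free the digest AND clear the handle. Without the NULL store the session
         * keeps a dangling pointer, and the "== NULL" checks above would treat the
         * freed context as live on the next call. The other append functions in this
         * file already clear their handle after freeing. */
        libspdm_hash_free(spdm_context->connection_info.algorithm.base_hash_algo,
                          spdm_session_info->session_transcript.digest_context_th);
        spdm_session_info->session_transcript.digest_context_th = NULL;
        return LIBSPDM_STATUS_CRYPTO_ERROR;
    }
#endif
}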
2093 :
/**
 * Append a message to the encap D buffer of a session.
 *
 * Only the first message EncapD in the current session is recorded; once the
 * buffer is non-empty, later calls succeed without changing it.
 *
 * @param spdm_context  A pointer to the SPDM context (not read by this function).
 * @param session_info  A pointer to the SPDM session context; dereferenced
 *                      unconditionally, so it must not be NULL.
 * @param is_requester  Not read by this function.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return LIBSPDM_STATUS_SUCCESS when EncapD was already recorded, otherwise the
 *         status reported by libspdm_append_managed_buffer().
 **/
libspdm_return_t libspdm_append_message_encap_d(libspdm_context_t *spdm_context,
                                                void *session_info,
                                                bool is_requester, const void *message,
                                                size_t message_size)
{
    libspdm_session_info_t *session = session_info;
    const size_t recorded_size =
        libspdm_get_managed_buffer_size(&session->session_transcript.message_encap_d);

    if (recorded_size == 0) {
        return libspdm_append_managed_buffer(&session->session_transcript.message_encap_d,
                                             message, message_size);
    }

    /* An EncapD message is already recorded for this session: ignore this one. */
    return LIBSPDM_STATUS_SUCCESS;
}
2111 :
/**
 * Append a message to the message F part of a session's TH transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the bytes are stored in the session's
 * message_f buffer. Otherwise they are folded into digest_context_th. On the first
 * call (message_f_initialized is false) the function also:
 *   - builds digest_context_th through libspdm_append_message_k() if it is still NULL,
 *   - duplicates the current TH digest into digest_context_th_backup,
 *   - for non-PSK sessions with mutual authentication requested, hashes in
 *     message_encap_d (when multi_key_conn_req is set) and then the hash of the
 *     mutual-auth certificate chain or raw public key.
 *
 * @param spdm_context  A pointer to the SPDM context.
 * @param session_info  A pointer to the SPDM session context; dereferenced
 *                      unconditionally, so it must not be NULL.
 * @param is_requester  true: bind the local certificate chain / public key;
 *                      false: bind the peer's.
 * @param message       Message bytes to append.
 * @param message_size  Size of message in bytes.
 *
 * @return LIBSPDM_STATUS_SUCCESS on success, the error from libspdm_append_message_k(),
 *         LIBSPDM_STATUS_INVALID_STATE_LOCAL / LIBSPDM_STATUS_INVALID_STATE_PEER when the
 *         raw public key buffer cannot be obtained, or LIBSPDM_STATUS_CRYPTO_ERROR when a
 *         hash operation fails.
 **/
libspdm_return_t libspdm_append_message_f(libspdm_context_t *spdm_context,
                                          void *session_info,
                                          bool is_requester, const void *message,
                                          size_t message_size)
{
    libspdm_session_info_t *session = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    return libspdm_append_managed_buffer(&session->session_transcript.message_f,
                                         message, message_size);
#else
    const uint32_t hash_algo = spdm_context->connection_info.algorithm.base_hash_algo;
    const uint32_t hash_size = libspdm_get_hash_size(hash_algo);
    const bool first_call = !session->session_transcript.message_f_initialized;
    const uint8_t *mut_cert_chain_buffer;
    size_t mut_cert_chain_buffer_size;
    uint8_t mut_cert_chain_buffer_hash[LIBSPDM_MAX_HASH_SIZE];
    bool bind_mut_cert = false;
    libspdm_return_t status;
    uint8_t slot_id;

    if (first_call) {
        /* digest_context_th might be NULL in unit test, where message_k is hardcoded. */
        if (session->session_transcript.digest_context_th == NULL) {
            status = libspdm_append_message_k(spdm_context, session_info, is_requester,
                                              NULL, 0);
            if (LIBSPDM_STATUS_IS_ERROR(status)) {
                return status;
            }
        }

        bind_mut_cert = !session->use_psk && (session->mut_auth_requested != 0);
        if (bind_mut_cert) {
            if (is_requester) {
                slot_id = session->local_used_cert_chain_slot_id;
                LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                if (slot_id == 0xFF) {
                    /* Slot 0xFF: the raw public key stands in for a certificate chain. */
                    if (!libspdm_get_local_public_key_buffer(
                            spdm_context,
                            (const void **)&mut_cert_chain_buffer,
                            &mut_cert_chain_buffer_size)) {
                        return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
                    }
                } else {
                    /* NOTE(review): no result of this call is checked here, so the
                     * hash below relies on it always filling both outputs - confirm. */
                    libspdm_get_local_cert_chain_buffer(
                        spdm_context,
                        slot_id,
                        (const void **)&mut_cert_chain_buffer,
                        &mut_cert_chain_buffer_size);
                }

                if (!libspdm_hash_all(hash_algo,
                                      mut_cert_chain_buffer, mut_cert_chain_buffer_size,
                                      mut_cert_chain_buffer_hash)) {
                    return LIBSPDM_STATUS_CRYPTO_ERROR;
                }
            } else {
                slot_id = session->peer_used_cert_chain_slot_id;
                /* NOTE(review): slot_id is range-checked only by LIBSPDM_ASSERT; if that
                 * macro is compiled out in a build, an out-of-range value would index
                 * peer_used_cert_chain below. Confirm it is validated where it is stored. */
                LIBSPDM_ASSERT((slot_id < SPDM_MAX_SLOT_COUNT) || (slot_id == 0xFF));
                if (slot_id == 0xFF) {
                    if (!libspdm_get_peer_public_key_buffer(
                            spdm_context,
                            (const void **)&mut_cert_chain_buffer,
                            &mut_cert_chain_buffer_size)) {
                        return LIBSPDM_STATUS_INVALID_STATE_PEER;
                    }

                    if (!libspdm_hash_all(hash_algo,
                                          mut_cert_chain_buffer, mut_cert_chain_buffer_size,
                                          mut_cert_chain_buffer_hash)) {
                        return LIBSPDM_STATUS_CRYPTO_ERROR;
                    }
                } else {
                    /* The peer chain hash is already cached per slot; reuse it. */
                    LIBSPDM_ASSERT(
                        hash_size ==
                        spdm_context->connection_info
                        .peer_used_cert_chain[slot_id].buffer_hash_size);

                    libspdm_copy_mem(mut_cert_chain_buffer_hash,
                                     sizeof(mut_cert_chain_buffer_hash),
                                     spdm_context->connection_info
                                     .peer_used_cert_chain[slot_id].buffer_hash,
                                     hash_size);
                }
            }
        }

        /* First call: snapshot the message_k digest; the snapshot is meant to be
         * consumed by reset_message_f.
         * NOTE(review): any digest_context_th_backup left over from an earlier call
         * that failed after this point would be overwritten without being freed -
         * confirm callers tear the session down on error. */
        LIBSPDM_ASSERT(session->session_transcript.digest_context_th != NULL);
        session->session_transcript.digest_context_th_backup = libspdm_hash_new(hash_algo);
        if (session->session_transcript.digest_context_th_backup == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_duplicate(hash_algo,
                                    session->session_transcript.digest_context_th,
                                    session->session_transcript.digest_context_th_backup)) {
            libspdm_hash_free(hash_algo,
                              session->session_transcript.digest_context_th_backup);
            session->session_transcript.digest_context_th_backup = NULL;
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
    }

    /* prepare digest_context_th */
    LIBSPDM_ASSERT(session->session_transcript.digest_context_th != NULL);
    if (first_call && bind_mut_cert) {
        if (spdm_context->connection_info.multi_key_conn_req) {
            if (!libspdm_hash_update(
                    hash_algo,
                    session->session_transcript.digest_context_th,
                    libspdm_get_managed_buffer(
                        &session->session_transcript.message_encap_d),
                    libspdm_get_managed_buffer_size(
                        &session->session_transcript.message_encap_d))) {
                goto discard_th;
            }
        }

        if (!libspdm_hash_update(hash_algo,
                                 session->session_transcript.digest_context_th,
                                 mut_cert_chain_buffer_hash, hash_size)) {
            goto discard_th;
        }
    }

    if (!libspdm_hash_update(hash_algo,
                             session->session_transcript.digest_context_th,
                             message,
                             message_size)) {
        goto discard_th;
    }

    session->session_transcript.message_f_initialized = true;
    return LIBSPDM_STATUS_SUCCESS;

discard_th:
    /* A partially updated TH digest is never kept: free it and clear the handle. */
    libspdm_hash_free(hash_algo, session->session_transcript.digest_context_th);
    session->session_transcript.digest_context_th = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
2277 :
/**
 * Append a message to the message_e transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the raw bytes are appended to the message_e
 * managed buffer. Otherwise a running hash is kept in digest_context_il1il2: it is created on
 * first use, seeded with the connection-level message_a, and then updated with every message.
 *
 * Any hash failure frees the digest context and resets it to NULL. A later call would then
 * start a fresh digest from message_a alone, so the caller should treat
 * LIBSPDM_STATUS_CRYPTO_ERROR as invalidating this transcript rather than retrying the append.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  Session to record into, or NULL for the connection-level transcript.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS       The message was hashed into the transcript.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR  Creating, initializing or updating the hash failed.
 * @return In the record-transcript build, the status of libspdm_append_managed_buffer.
 **/
libspdm_return_t libspdm_append_message_e(libspdm_context_t *spdm_context, void *session_info,
                                          const void *message, size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (spdm_session_info != NULL) {
        return libspdm_append_managed_buffer(&spdm_session_info->session_transcript.message_e,
                                             message, message_size);
    }
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_e,
                                         message, message_size);
#else
    const uint32_t hash_algo = spdm_context->connection_info.algorithm.base_hash_algo;

    if (spdm_session_info == NULL) {
        if (spdm_context->transcript.digest_context_il1il2 == NULL) {
            spdm_context->transcript.digest_context_il1il2 = libspdm_hash_new (hash_algo);
            if (spdm_context->transcript.digest_context_il1il2 == NULL) {
                /* nothing was allocated, so there is nothing to free */
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            if (!libspdm_hash_init (hash_algo,
                                    spdm_context->transcript.digest_context_il1il2)) {
                goto drop_connection_digest;
            }
            /* a new digest always starts with message_a */
            if (!libspdm_hash_update (
                    hash_algo,
                    spdm_context->transcript.digest_context_il1il2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto drop_connection_digest;
            }
        }
        if (!libspdm_hash_update (hash_algo,
                                  spdm_context->transcript.digest_context_il1il2,
                                  message, message_size)) {
            goto drop_connection_digest;
        }
        return LIBSPDM_STATUS_SUCCESS;
    }

    if (spdm_session_info->session_transcript.digest_context_il1il2 == NULL) {
        spdm_session_info->session_transcript.digest_context_il1il2 =
            libspdm_hash_new (hash_algo);
        if (spdm_session_info->session_transcript.digest_context_il1il2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init (hash_algo,
                                spdm_session_info->session_transcript.digest_context_il1il2)) {
            goto drop_session_digest;
        }
        /* the session digest is also seeded from the connection-level message_a */
        if (!libspdm_hash_update (
                hash_algo,
                spdm_session_info->session_transcript.digest_context_il1il2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
            goto drop_session_digest;
        }
    }
    if (!libspdm_hash_update (hash_algo,
                              spdm_session_info->session_transcript.digest_context_il1il2,
                              message, message_size)) {
        goto drop_session_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

drop_connection_digest:
    libspdm_hash_free (hash_algo, spdm_context->transcript.digest_context_il1il2);
    spdm_context->transcript.digest_context_il1il2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;

drop_session_digest:
    libspdm_hash_free (hash_algo, spdm_session_info->session_transcript.digest_context_il1il2);
    spdm_session_info->session_transcript.digest_context_il1il2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
2378 :
/**
 * Append a message to the message_encap_e transcript.
 *
 * With LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT the raw bytes are appended to the message_encap_e
 * managed buffer. Otherwise a running hash is kept in digest_context_encap_il1il2: it is created
 * on first use, seeded with the connection-level message_a, and then updated with every message.
 *
 * Any hash failure frees the digest context and resets it to NULL. A later call would then
 * start a fresh digest from message_a alone, so the caller should treat
 * LIBSPDM_STATUS_CRYPTO_ERROR as invalidating this transcript rather than retrying the append.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  session_info  Session to record into, or NULL for the connection-level transcript.
 * @param  message       Message bytes to append.
 * @param  message_size  Size in bytes of message.
 *
 * @retval LIBSPDM_STATUS_SUCCESS       The message was hashed into the transcript.
 * @retval LIBSPDM_STATUS_CRYPTO_ERROR  Creating, initializing or updating the hash failed.
 * @return In the record-transcript build, the status of libspdm_append_managed_buffer.
 **/
libspdm_return_t libspdm_append_message_encap_e(libspdm_context_t *spdm_context, void *session_info,
                                                const void *message, size_t message_size)
{
    libspdm_session_info_t *spdm_session_info = session_info;

#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    if (spdm_session_info != NULL) {
        return libspdm_append_managed_buffer(&spdm_session_info->session_transcript.message_encap_e,
                                             message, message_size);
    }
    return libspdm_append_managed_buffer(&spdm_context->transcript.message_encap_e,
                                         message, message_size);
#else
    const uint32_t hash_algo = spdm_context->connection_info.algorithm.base_hash_algo;

    if (spdm_session_info == NULL) {
        if (spdm_context->transcript.digest_context_encap_il1il2 == NULL) {
            spdm_context->transcript.digest_context_encap_il1il2 = libspdm_hash_new (hash_algo);
            if (spdm_context->transcript.digest_context_encap_il1il2 == NULL) {
                /* nothing was allocated, so there is nothing to free */
                return LIBSPDM_STATUS_CRYPTO_ERROR;
            }
            if (!libspdm_hash_init (hash_algo,
                                    spdm_context->transcript.digest_context_encap_il1il2)) {
                goto drop_connection_digest;
            }
            /* a new digest always starts with message_a */
            if (!libspdm_hash_update (
                    hash_algo,
                    spdm_context->transcript.digest_context_encap_il1il2,
                    libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                    libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
                goto drop_connection_digest;
            }
        }
        if (!libspdm_hash_update (hash_algo,
                                  spdm_context->transcript.digest_context_encap_il1il2,
                                  message, message_size)) {
            goto drop_connection_digest;
        }
        return LIBSPDM_STATUS_SUCCESS;
    }

    if (spdm_session_info->session_transcript.digest_context_encap_il1il2 == NULL) {
        spdm_session_info->session_transcript.digest_context_encap_il1il2 =
            libspdm_hash_new (hash_algo);
        if (spdm_session_info->session_transcript.digest_context_encap_il1il2 == NULL) {
            return LIBSPDM_STATUS_CRYPTO_ERROR;
        }
        if (!libspdm_hash_init (
                hash_algo,
                spdm_session_info->session_transcript.digest_context_encap_il1il2)) {
            goto drop_session_digest;
        }
        /* the session digest is also seeded from the connection-level message_a */
        if (!libspdm_hash_update (
                hash_algo,
                spdm_session_info->session_transcript.digest_context_encap_il1il2,
                libspdm_get_managed_buffer(&spdm_context->transcript.message_a),
                libspdm_get_managed_buffer_size(&spdm_context->transcript.message_a))) {
            goto drop_session_digest;
        }
    }
    if (!libspdm_hash_update (hash_algo,
                              spdm_session_info->session_transcript.digest_context_encap_il1il2,
                              message, message_size)) {
        goto drop_session_digest;
    }
    return LIBSPDM_STATUS_SUCCESS;

drop_connection_digest:
    libspdm_hash_free (hash_algo, spdm_context->transcript.digest_context_encap_il1il2);
    spdm_context->transcript.digest_context_encap_il1il2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;

drop_session_digest:
    libspdm_hash_free (hash_algo,
                       spdm_session_info->session_transcript.digest_context_encap_il1il2);
    spdm_session_info->session_transcript.digest_context_encap_il1il2 = NULL;
    return LIBSPDM_STATUS_CRYPTO_ERROR;
#endif
}
2480 : /**
2481 : * This function returns if a given version is supported based upon the GET_VERSION/VERSION.
2482 : *
2483 : * @param spdm_context A pointer to the SPDM context.
2484 : * @param version The SPDM version.
2485 : *
2486 : * @retval true the version is supported.
2487 : * @retval false the version is not supported.
2488 : **/
bool libspdm_is_version_supported(const libspdm_context_t *spdm_context, uint8_t version)
{
    /* Only the part of connection_info.version above SPDM_VERSION_NUMBER_SHIFT_BIT is compared,
     * and it has to match the requested version exactly (no "at least" semantics). */
    return version == (spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT);
}
2497 :
2498 : /**
2499 : * This function returns connection version negotiated by GET_VERSION/VERSION.
2500 : *
2501 : * @param spdm_context A pointer to the SPDM context.
2502 : *
2503 : * @return the connection version.
2504 : **/
uint8_t libspdm_get_connection_version(const libspdm_context_t *spdm_context)
{
    /* drop the bits below SPDM_VERSION_NUMBER_SHIFT_BIT and keep the low byte of the rest */
    const uint8_t connection_version =
        (uint8_t)(spdm_context->connection_info.version >> SPDM_VERSION_NUMBER_SHIFT_BIT);

    return connection_version;
}
2509 :
2510 : /**
2511 : * This function returns if a capabilities flag is supported in current SPDM connection.
2512 : *
2513 : * @param spdm_context A pointer to the SPDM context.
2514 : * @param is_requester Is the function called from a requester.
2515 : * @param requester_capabilities_flag The requester capabilities flag to be checked
2516 : * @param responder_capabilities_flag The responder capabilities flag to be checked
2517 : *
2518 : * @retval true the capabilities flag is supported.
2519 : * @retval false the capabilities flag is not supported.
2520 : **/
bool libspdm_is_capabilities_flag_supported(const libspdm_context_t *spdm_context,
                                            bool is_requester,
                                            uint32_t requester_capabilities_flag,
                                            uint32_t responder_capabilities_flag)
{
    const uint32_t local_flags = spdm_context->local_context.capability.flags;
    const uint32_t peer_flags = spdm_context->connection_info.capability.flags;

    /* The local flags belong to whichever role this endpoint plays; the peer has the other. */
    const uint32_t requester_flags = is_requester ? local_flags : peer_flags;
    const uint32_t responder_flags = is_requester ? peer_flags : local_flags;

    /* A mask of 0 means "do not check this side". A non-zero mask passes as soon as ANY of its
     * bits is set, so a caller that needs several capabilities at once must check them one
     * call at a time. */
    if ((requester_capabilities_flag != 0) &&
        ((requester_flags & requester_capabilities_flag) == 0)) {
        return false;
    }
    if ((responder_capabilities_flag != 0) &&
        ((responder_flags & responder_capabilities_flag) == 0)) {
        return false;
    }

    return true;
}
2548 :
2549 : /**
2550 : * This function returns if a capabilities extended flag is supported in current SPDM connection.
2551 : *
2552 : * @param spdm_context A pointer to the SPDM context.
2553 : * @param is_requester Is the function called from a requester.
2554 : * @param requester_capabilities_ext_flag The requester capabilities extended flag to be checked
2555 : * @param responder_capabilities_ext_flag The responder capabilities extended flag to be checked
2556 : *
2557 : * @retval true the capabilities extended flag is supported.
2558 : * @retval false the capabilities extended flag is not supported.
2559 : **/
bool libspdm_is_capabilities_ext_flag_supported(const libspdm_context_t *spdm_context,
                                                bool is_requester,
                                                uint16_t requester_capabilities_ext_flag,
                                                uint16_t responder_capabilities_ext_flag)
{
    const uint16_t local_ext_flags = spdm_context->local_context.capability.ext_flags;
    const uint16_t peer_ext_flags = spdm_context->connection_info.capability.ext_flags;

    /* The local flags belong to whichever role this endpoint plays; the peer has the other. */
    const uint16_t requester_ext_flags = is_requester ? local_ext_flags : peer_ext_flags;
    const uint16_t responder_ext_flags = is_requester ? peer_ext_flags : local_ext_flags;

    /* A mask of 0 means "do not check this side". A non-zero mask passes as soon as ANY of its
     * bits is set, so a caller that needs several capabilities at once must check them one
     * call at a time. */
    if ((requester_capabilities_ext_flag != 0) &&
        ((requester_ext_flags & requester_capabilities_ext_flag) == 0)) {
        return false;
    }
    if ((responder_capabilities_ext_flag != 0) &&
        ((responder_ext_flags & responder_capabilities_ext_flag) == 0)) {
        return false;
    }

    return true;
}
2587 :
/**
 * This function returns if the encapsulated request flow is supported in current SPDM connection.
 *
 * The decision depends on the negotiated connection version and on the capability flags of
 * both the requester and the responder.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 *
 * @retval true   both sides advertise the capability required for the connection version.
 * @retval false  the connection version is 1.0, or one side lacks the capability.
 **/
bool libspdm_is_encap_supported(const libspdm_context_t *spdm_context)
{
    const uint8_t connection_version = libspdm_get_connection_version(spdm_context);
    const bool is_requester = spdm_context->local_context.is_requester;

    if (connection_version == SPDM_MESSAGE_VERSION_10) {
        return false;
    }

    if (connection_version != SPDM_MESSAGE_VERSION_12) {
        /* For SPDM 1.1 and 1.3 and later only check ENCAP_CAP. */
        return libspdm_is_capabilities_flag_supported(
            spdm_context, is_requester,
            SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP,
            SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP);
    }

    /* ENCAP_CAP was erroneously deprecated in SPDM 1.2.0 and 1.2.1, and MUT_AUTH_CAP
     * was used in its place. In SPDM 1.2.2 and later ENCAP_CAP is undeprecated. Since
     * UpdateVersionNumber must be ignored when checking interoperability libspdm will check
     * if ENCAP_CAP or MUT_AUTH_CAP is set. */
    {
        const bool requester_side_ok =
            libspdm_is_capabilities_flag_supported(
                spdm_context, is_requester,
                SPDM_GET_CAPABILITIES_REQUEST_FLAGS_ENCAP_CAP, 0) ||
            libspdm_is_capabilities_flag_supported(
                spdm_context, is_requester,
                SPDM_GET_CAPABILITIES_REQUEST_FLAGS_MUT_AUTH_CAP, 0);
        const bool responder_side_ok =
            libspdm_is_capabilities_flag_supported(
                spdm_context, is_requester,
                0, SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_ENCAP_CAP) ||
            libspdm_is_capabilities_flag_supported(
                spdm_context, is_requester,
                0, SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_MUT_AUTH_CAP);

        /* each side needs one of the two flags; the sides need not use the same one */
        return (requester_side_ok && responder_side_ok);
    }
}
2620 :
2621 : /**
2622 : * Register SPDM device input/output functions.
2623 : *
2624 : * This function must be called after libspdm_init_context, and before any SPDM communication.
2625 : *
2626 : * @param spdm_context A pointer to the SPDM context.
2627 : * @param send_message The function to send an SPDM transport layer message.
2628 : * @param receive_message The function to receive an SPDM transport layer message.
2629 : **/
void libspdm_register_device_io_func(
    void *spdm_context, libspdm_device_send_message_func send_message,
    libspdm_device_receive_message_func receive_message)
{
    libspdm_context_t *const context = spdm_context;

    /* The callbacks are stored as given; no NULL check is made here. */
    context->receive_message = receive_message;
    context->send_message = send_message;
}
2640 :
2641 : /**
2642 : * Register SPDM device buffer management functions.
2643 : *
2644 : * This function must be called after libspdm_init_context, and before any SPDM communication.
2645 : *
2646 : * The sender_buffer_size and receiver_buffer_size must be no smaller than
2647 : * MAX (non-secure Transport Message Header Size +
2648 : * SPDM_CAPABILITIES.DataTransferSize +
2649 : * max alignment pad size (transport specific),
2650 : * secure Transport Message Header Size +
2651 : * sizeof(spdm_secured_message_a_data_header1_t) +
2652 : * length of sequence_number (transport specific) +
2653 : * sizeof(spdm_secured_message_a_data_header2_t) +
2654 : * sizeof(spdm_secured_message_cipher_header_t) +
2655 : * App Message Header Size (transport specific) +
2656 : * SPDM_CAPABILITIES.DataTransferSize +
2657 : * maximum random data size (transport specific) +
2658 : * AEAD MAC size (16) +
2659 : * max alignment pad size (transport specific)).
2660 : *
2661 : * Finally, the SPDM_CAPABILITIES.DataTransferSize will be calculated based upon it.
2662 : *
2663 : * For MCTP,
2664 : * Transport Message Header Size = sizeof(mctp_message_header_t)
2665 : * length of sequence_number = 2
2666 : * App Message Header Size = sizeof(mctp_message_header_t)
2667 : * maximum random data size = MCTP_MAX_RANDOM_NUMBER_COUNT
2668 : * max alignment pad size = 0
2669 : * For PCI_DOE,
2670 : * Transport Message Header Size = sizeof(pci_doe_data_object_header_t)
2671 : * length of sequence_number = 0
2672 : * App Message Header Size = 0
2673 : * maximum random data size = 0
2674 : * max alignment pad size = 3
2675 : *
2676 : * @param spdm_context A pointer to the SPDM context.
2677 : * @param sender_buffer_size Size in bytes of the sender buffer.
2678 : * @param receiver_buffer_size Size in bytes of the receiver buffer.
2679 : * @param acquire_sender_buffer The function to acquire transport layer sender buffer.
2680 : * @param release_sender_buffer The function to release transport layer sender buffer.
2681 : * @param acquire_receiver_buffer The function to acquire transport layer receiver buffer.
2682 : * @param release_receiver_buffer The function to release transport layer receiver buffer.
2683 : **/
void libspdm_register_device_buffer_func(
    void *spdm_context,
    uint32_t sender_buffer_size,
    uint32_t receiver_buffer_size,
    libspdm_device_acquire_sender_buffer_func acquire_sender_buffer,
    libspdm_device_release_sender_buffer_func release_sender_buffer,
    libspdm_device_acquire_receiver_buffer_func acquire_receiver_buffer,
    libspdm_device_release_receiver_buffer_func release_receiver_buffer)
{
    libspdm_context_t *const context = spdm_context;
    uint32_t sender_payload_size;
    uint32_t receiver_payload_size;

    /* The sizes stored on the context are the full device buffer sizes, transport header and
     * tail included. */
    context->acquire_sender_buffer = acquire_sender_buffer;
    context->release_sender_buffer = release_sender_buffer;
    context->acquire_receiver_buffer = acquire_receiver_buffer;
    context->release_receiver_buffer = release_receiver_buffer;
    context->sender_buffer_size = sender_buffer_size;
    context->receiver_buffer_size = receiver_buffer_size;

    /* NOTE(review): every size check below is an assertion. If LIBSPDM_ASSERT compiles to
     * nothing in a release build, an undersized buffer makes the unsigned subtraction wrap and
     * a very large data transfer size is recorded - confirm the integrator validates the sizes
     * before calling. */

    /* What is left of the sender buffer after the transport header and tail. */
    LIBSPDM_ASSERT (sender_buffer_size >=
                    context->local_context.capability.transport_header_size +
                    context->local_context.capability.transport_tail_size);
    sender_payload_size = sender_buffer_size -
                          (context->local_context.capability.transport_header_size +
                           context->local_context.capability.transport_tail_size);
    LIBSPDM_ASSERT (sender_payload_size >= SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12);
    context->local_context.capability.sender_data_transfer_size = sender_payload_size;

    /* Same computation for the receiver buffer. */
    LIBSPDM_ASSERT (receiver_buffer_size >=
                    context->local_context.capability.transport_header_size +
                    context->local_context.capability.transport_tail_size);
    receiver_payload_size = receiver_buffer_size -
                            (context->local_context.capability.transport_header_size +
                             context->local_context.capability.transport_tail_size);
    LIBSPDM_ASSERT (receiver_payload_size >= SPDM_MIN_DATA_TRANSFER_SIZE_VERSION_12);
    context->local_context.capability.data_transfer_size = receiver_payload_size;
}
2719 :
2720 : /**
2721 : * Register SPDM transport layer encode/decode functions for SPDM or APP messages.
2722 : *
2723 : * This function must be called after libspdm_init_context, and before any SPDM communication.
2724 : *
2725 : * @param spdm_context A pointer to the SPDM context.
2726 : * @param transport_encode_message The function to encode an SPDM or APP message to a transport layer message.
2727 : * @param transport_decode_message The function to decode an SPDM or APP message from a transport layer message.
2728 : **/
2729 111 : void libspdm_register_transport_layer_func(
2730 : void *spdm_context,
2731 : uint32_t max_spdm_msg_size,
2732 : uint32_t transport_header_size,
2733 : uint32_t transport_tail_size,
2734 : libspdm_transport_encode_message_func transport_encode_message,
2735 : libspdm_transport_decode_message_func transport_decode_message)
2736 : {
2737 : libspdm_context_t *context;
2738 :
2739 111 : context = spdm_context;
2740 :
2741 : /* fix the data_transfer_size if it is set before */
2742 111 : if ((context->local_context.capability.data_transfer_size != 0) &&
2743 1 : (context->local_context.capability.data_transfer_size ==
2744 1 : context->receiver_buffer_size)) {
2745 0 : context->local_context.capability.data_transfer_size =
2746 0 : (uint32_t)(context->receiver_buffer_size -
2747 0 : (transport_header_size + transport_tail_size));
2748 : }
2749 111 : if ((context->local_context.capability.sender_data_transfer_size != 0) &&
2750 1 : (context->local_context.capability.sender_data_transfer_size ==
2751 1 : context->sender_buffer_size)) {
2752 0 : context->local_context.capability.sender_data_transfer_size =
2753 0 : (uint32_t)(context->sender_buffer_size -
2754 0 : (transport_header_size + transport_tail_size));
2755 : }
2756 :
2757 111 : context->local_context.capability.max_spdm_msg_size = max_spdm_msg_size;
2758 111 : context->local_context.capability.transport_header_size = transport_header_size;
2759 111 : context->local_context.capability.transport_tail_size = transport_tail_size;
2760 111 : context->transport_encode_message = transport_encode_message;
2761 111 : context->transport_decode_message = transport_decode_message;
2762 111 : }
2763 :
2764 : /**
2765 : * Register SPDM certificate verification functions for SPDM GET_CERTIFICATE in requester or responder.
2766 : * It is called after GET_CERTIFICATE gets a full certificate chain from peer.
2767 : *
2768 : * If it is NOT registered, the default verification in SPDM lib will be used. It verifies:
2769 : * 1) The integrity of the certificate chain, (Root Cert Hash->Root Cert->Cert Chain), according to X.509.
2770 : * 2) The trust anchor, according LIBSPDM_DATA_PEER_PUBLIC_ROOT_CERT or LIBSPDM_DATA_PEER_PUBLIC_CERT_CHAIN.
2771 : * If it is registered, SPDM lib will use this function to verify the certificate.
2772 : *
2773 : * This function must be called after libspdm_init_context, and before any SPDM communication.
2774 : *
2775 : * @param context A pointer to the SPDM context.
2776 : * @param verify_spdm_cert_chain The function to verify an SPDM certificate after GET_CERTIFICATE.
2777 : **/
void libspdm_register_verify_spdm_cert_chain_func(
    void *spdm_context,
    const libspdm_verify_spdm_cert_chain_func verify_spdm_cert_chain)
{
    libspdm_context_t *const context = spdm_context;

    /* NOTE(review): per the function header, the library's own chain-integrity and trust-anchor
     * checks are used only when nothing is registered, so a registered callback presumably has
     * to cover both itself - confirm against the caller of verify_peer_spdm_cert_chain. */
    context->local_context.verify_peer_spdm_cert_chain = verify_spdm_cert_chain;
}
2787 :
2788 : /**
2789 : * Get the size of required scratch buffer.
2790 : *
2791 : * The SPDM Integrator must call libspdm_get_sizeof_required_scratch_buffer to get the size,
2792 : * then allocate enough scratch buffer and call libspdm_set_scratch_buffer().
2793 : *
2794 : * @param context A pointer to the SPDM context.
2795 : *
2796 : * @return the size of required scratch buffer.
2797 : **/
size_t libspdm_get_sizeof_required_scratch_buffer (void *spdm_context)
{
    libspdm_context_t *const context = spdm_context;

    /* The capacity is computed from max_spdm_msg_size, so it has to be set before this call. */
    LIBSPDM_ASSERT (context->local_context.capability.max_spdm_msg_size != 0);

    return libspdm_get_scratch_buffer_capacity(context);
}
2809 :
2810 : /**
2811 : * Set the scratch buffer.
2812 : *
2813 : * This function must be called after libspdm_init_context, and before any SPDM communication.
2814 : *
2815 : * @param context A pointer to the SPDM context.
2816 : * @param scratch_buffer Buffer address of the scratch buffer.
2817 : * @param scratch_buffer_size Size of the scratch buffer.
2818 : *
2819 : **/
void libspdm_set_scratch_buffer (
    void *spdm_context,
    void *scratch_buffer,
    size_t scratch_buffer_size)
{
    libspdm_context_t *const context = spdm_context;
    uint8_t *const scratch_base = scratch_buffer;

    LIBSPDM_ASSERT (context->local_context.capability.max_spdm_msg_size != 0);
    /* NOTE(review): the size is checked by assertion only. If LIBSPDM_ASSERT compiles to
     * nothing in a release build, a buffer that is too small is accepted and the pointers set
     * below can land past its end - confirm the integrator sizes the buffer with
     * libspdm_get_sizeof_required_scratch_buffer. */
    LIBSPDM_ASSERT (scratch_buffer_size >= libspdm_get_scratch_buffer_capacity(spdm_context));

    context->scratch_buffer_size = scratch_buffer_size;
    context->scratch_buffer = scratch_buffer;

    /* These pointers refer to fixed sections inside the scratch buffer. */
    context->last_spdm_request =
        scratch_base + libspdm_get_scratch_buffer_last_spdm_request_offset(spdm_context);
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    context->cache_spdm_request =
        scratch_base + libspdm_get_scratch_buffer_cache_spdm_request_offset(spdm_context);
#endif
}
2839 :
2840 : /**
2841 : * Get the scratch buffer.
2842 : *
2843 : * @param context A pointer to the SPDM context.
2844 : * @param scratch_buffer Buffer address of the scratch buffer.
2845 : * @param scratch_buffer_size Size of the scratch buffer.
2846 : *
2847 : **/
void libspdm_get_scratch_buffer (
    void *spdm_context,
    void **scratch_buffer,
    size_t *scratch_buffer_size)
{
    libspdm_context_t *const context = spdm_context;
    size_t usable_size;

    LIBSPDM_ASSERT (context->scratch_buffer != NULL);
    LIBSPDM_ASSERT (context->scratch_buffer_size >=
                    libspdm_get_scratch_buffer_capacity(spdm_context));

    /* need to remove last 2 sections, because they are for libspdm internal state track. */
    usable_size = context->scratch_buffer_size;
    usable_size -= libspdm_get_scratch_buffer_last_spdm_request_capacity(spdm_context);
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    usable_size -= libspdm_get_scratch_buffer_cache_spdm_request_capacity(spdm_context);
#endif

    *scratch_buffer = context->scratch_buffer;
    *scratch_buffer_size = usable_size;
}
2867 :
/**
 * Acquire the transport layer sender buffer through the registered callback.
 *
 * The buffer returned by the callback is remembered in spdm_context->sender_buffer until
 * libspdm_release_sender_buffer is called. With LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP the caller
 * is handed a section of the scratch buffer instead of the device buffer itself.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  max_msg_size  On success, the capacity in bytes of the buffer in msg_buf_ptr.
 * @param  msg_buf_ptr   On success, the buffer the caller builds the message in.
 *
 * @retval LIBSPDM_STATUS_SUCCESS  The buffer was acquired.
 * @return Otherwise the status returned by the acquire_sender_buffer callback.
 **/
libspdm_return_t libspdm_acquire_sender_buffer (
    libspdm_context_t *spdm_context, size_t *max_msg_size, void **msg_buf_ptr)
{
    libspdm_return_t status;

    /* only one sender buffer may be outstanding at a time */
    LIBSPDM_ASSERT (spdm_context->sender_buffer == NULL);
    LIBSPDM_ASSERT (spdm_context->sender_buffer_size != 0);

    status = spdm_context->acquire_sender_buffer (spdm_context, msg_buf_ptr);
    if (status != LIBSPDM_STATUS_SUCCESS) {
        return status;
    }

    /* keep the device buffer so that it can be handed back on release */
    spdm_context->sender_buffer = *msg_buf_ptr;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    /* the message is built in the scratch buffer, so that is what the caller receives */
    *msg_buf_ptr = (uint8_t *)spdm_context->scratch_buffer +
                   libspdm_get_scratch_buffer_large_sender_receiver_offset(spdm_context);
    *max_msg_size = libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#else
    *max_msg_size = spdm_context->sender_buffer_size;
#endif

    return LIBSPDM_STATUS_SUCCESS;
}
2889 :
/**
 * Release the transport layer sender buffer through the registered callback.
 *
 * A sender buffer must currently be held (see libspdm_acquire_sender_buffer).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 **/
void libspdm_release_sender_buffer (libspdm_context_t *spdm_context)
{
    void *held_buffer;

    LIBSPDM_ASSERT(spdm_context->sender_buffer != NULL);
    LIBSPDM_ASSERT(spdm_context->sender_buffer_size != 0);

    held_buffer = spdm_context->sender_buffer;
    spdm_context->release_sender_buffer (spdm_context, held_buffer);

    /* cleared so that the next acquire sees no outstanding buffer */
    spdm_context->sender_buffer = NULL;
}
2898 :
2899 : /**
2900 : * Get the sender buffer.
2901 : *
2902 : * @param spdm_context A pointer to the SPDM context.
2903 : * @param sender_buffer Buffer address of the sender buffer.
2904 : * @param sender_buffer_size Size of the sender buffer.
2905 : *
2906 : **/
void libspdm_get_sender_buffer (
    libspdm_context_t *spdm_context,
    void **sender_buffer,
    size_t *sender_buffer_size)
{
    /* sender_buffer is NULL while no buffer is held; the size is reported either way */
    *sender_buffer_size = spdm_context->sender_buffer_size;
    *sender_buffer = spdm_context->sender_buffer;
}
2915 :
/**
 * Acquire the transport layer receiver buffer through the registered callback.
 *
 * The buffer returned by the callback is remembered in spdm_context->receiver_buffer until
 * libspdm_release_receiver_buffer is called. With LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP the
 * caller is handed a section of the scratch buffer instead of the device buffer itself.
 *
 * @param  spdm_context  A pointer to the SPDM context.
 * @param  max_msg_size  On success, the capacity in bytes of the buffer in msg_buf_ptr.
 * @param  msg_buf_ptr   On success, the buffer the caller works in.
 *
 * @retval LIBSPDM_STATUS_SUCCESS  The buffer was acquired.
 * @return Otherwise the status returned by the acquire_receiver_buffer callback.
 **/
libspdm_return_t libspdm_acquire_receiver_buffer (
    libspdm_context_t *spdm_context, size_t *max_msg_size, void **msg_buf_ptr)
{
    libspdm_return_t status;

    /* only one receiver buffer may be outstanding at a time */
    LIBSPDM_ASSERT (spdm_context->receiver_buffer == NULL);
    LIBSPDM_ASSERT (spdm_context->receiver_buffer_size != 0);

    status = spdm_context->acquire_receiver_buffer (spdm_context, msg_buf_ptr);
    if (status != LIBSPDM_STATUS_SUCCESS) {
        return status;
    }

    /* keep the device buffer so that it can be handed back on release */
    spdm_context->receiver_buffer = *msg_buf_ptr;

#if LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP
    /* the caller works in the scratch buffer, so that is what it receives */
    *msg_buf_ptr = (uint8_t *)spdm_context->scratch_buffer +
                   libspdm_get_scratch_buffer_large_sender_receiver_offset(spdm_context);
    *max_msg_size = libspdm_get_scratch_buffer_large_sender_receiver_capacity(spdm_context);
#else
    *max_msg_size = spdm_context->receiver_buffer_size;
#endif

    return LIBSPDM_STATUS_SUCCESS;
}
2937 :
/**
 * Release the transport layer receiver buffer through the registered callback.
 *
 * A receiver buffer must currently be held (see libspdm_acquire_receiver_buffer).
 *
 * @param  spdm_context  A pointer to the SPDM context.
 **/
void libspdm_release_receiver_buffer (libspdm_context_t *spdm_context)
{
    void *held_buffer;

    LIBSPDM_ASSERT(spdm_context->receiver_buffer != NULL);
    LIBSPDM_ASSERT(spdm_context->receiver_buffer_size != 0);

    held_buffer = spdm_context->receiver_buffer;
    spdm_context->release_receiver_buffer (spdm_context, held_buffer);

    /* cleared so that the next acquire sees no outstanding buffer */
    spdm_context->receiver_buffer = NULL;
}
2946 :
/**
 * Get the receiver buffer recorded in the SPDM context.
 *
 * The pointer reported is the one stored by libspdm_acquire_receiver_buffer and
 * cleared by libspdm_release_receiver_buffer, so it is NULL once the buffer has
 * been released. When LIBSPDM_ENABLE_CAPABILITY_CHUNK_CAP is set, this is the
 * device buffer, not the scratch-buffer region that the acquire call returns.
 *
 * @param spdm_context          A pointer to the SPDM context.
 * @param receiver_buffer       Receives the address of the receiver buffer.
 * @param receiver_buffer_size  Receives the size of the receiver buffer.
 *
 **/
void libspdm_get_receiver_buffer (
    libspdm_context_t *spdm_context,
    void **receiver_buffer,
    size_t *receiver_buffer_size)
{
    void *recorded_buffer = spdm_context->receiver_buffer;
    size_t recorded_size = spdm_context->receiver_buffer_size;

    *receiver_buffer = recorded_buffer;
    *receiver_buffer_size = recorded_size;
}
2963 :
/**
 * Copy the last SPDM error struct out of an SPDM context.
 *
 * Neither pointer is checked for NULL here.
 *
 * @param spdm_context     A pointer to the SPDM context.
 * @param last_spdm_error  Destination that receives a copy of the context's last SPDM error struct.
 */
void libspdm_get_last_spdm_error_struct(void *spdm_context, libspdm_error_struct_t *last_spdm_error)
{
    libspdm_context_t *context = spdm_context;

    /* Destination and source lengths are both the size of one error struct. */
    libspdm_copy_mem(last_spdm_error, sizeof(*last_spdm_error),
                     &context->last_spdm_error, sizeof(libspdm_error_struct_t));
}
2978 :
/**
 * Store a new last SPDM error struct in an SPDM context.
 *
 * Neither pointer is checked for NULL here.
 *
 * @param spdm_context     A pointer to the SPDM context.
 * @param last_spdm_error  Error struct to copy into the context.
 */
void libspdm_set_last_spdm_error_struct(void *spdm_context, libspdm_error_struct_t *last_spdm_error)
{
    libspdm_context_t *context = spdm_context;

    /* The destination length is taken from the context field itself. */
    libspdm_copy_mem(&context->last_spdm_error, sizeof(context->last_spdm_error),
                     last_spdm_error, sizeof(*last_spdm_error));
}
2993 :
2994 : #if LIBSPDM_FIPS_MODE
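/**
 * Initialize a FIPS self-test context and attach the integrator's working buffer.
 *
 * The original validation was assertion-only, so a build without assertions would
 * record an undersized or NULL buffer and still report success. The same conditions
 * are now also rejected at run time; valid callers see no change.
 *
 * @param fips_selftest_context  A pointer to the fips_selftest_context to initialize.
 * @param buffer_size            Size in bytes of buffer; must be at least
 *                               LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE.
 * @param buffer                 Buffer provided by the integrator to hold large intermediate
 *                               results. Only the pointer is stored, so the memory must
 *                               outlive every use of the context.
 *
 * @retval LIBSPDM_STATUS_SUCCESS            The context was initialized.
 * @retval LIBSPDM_STATUS_INVALID_PARAMETER  fips_selftest_context is NULL, or buffer is NULL
 *                                           while buffer_size is non-zero.
 * @retval LIBSPDM_STATUS_BUFFER_TOO_SMALL   buffer_size is below LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE.
 **/
libspdm_return_t libspdm_init_fips_selftest_context(void *fips_selftest_context,
                                                    size_t buffer_size,
                                                    void *buffer)
{
    libspdm_fips_selftest_context_t *context;
    LIBSPDM_ASSERT(fips_selftest_context != NULL);
    LIBSPDM_ASSERT(buffer_size >= LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE);
    if (buffer_size > 0) {
        LIBSPDM_ASSERT(buffer != NULL);
    }

    /* Run-time counterparts of the assertions above. */
    if (fips_selftest_context == NULL) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }
    if (buffer_size < LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE) {
        return LIBSPDM_STATUS_BUFFER_TOO_SMALL;
    }
    if ((buffer_size > 0) && (buffer == NULL)) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }

    context = fips_selftest_context;

    /* No algorithm has been tested yet. */
    context->tested_algo = 0;
    /* The self-test result is "false" for every algorithm. */
    context->self_test_result = 0;
    /* The buffer provided by the integrator to hold large intermediate results. */
    context->selftest_buffer_size = buffer_size;
    context->selftest_buffer = buffer;

    return LIBSPDM_STATUS_SUCCESS;
}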
3018 :
/**
 * Return the size in bytes of the fips_selftest_context.
 *
 * This is the exact size the import and export functions require in their
 * fips_selftest_context_size argument.
 *
 * @return the size in bytes of the fips_selftest_context.
 **/
size_t libspdm_get_fips_selftest_context_size(void)
{
    return sizeof(libspdm_fips_selftest_context_t);
}
3031 :
/**
 * Returns the required buffer size for FIPS self-tests.
 *
 * Callers size the buffer passed to libspdm_init_fips_selftest_context with this value.
 *
 * @retval The required buffer size in bytes.
 */
size_t libspdm_get_fips_selftest_buffer_size(void)
{
    const size_t required_size = LIBSPDM_FIPS_REQUIRED_BUFFER_SIZE;

    return required_size;
}
3041 :
/**
 * Import a fips_selftest_context into the spdm_context.
 *
 * The structure is copied by value. Its selftest_buffer member is a pointer, so
 * the imported context keeps referring to the caller's buffer; that buffer has to
 * stay valid for as long as the SPDM context uses it.
 *
 * @param[in,out]  spdm_context                A pointer to the spdm_context.
 * @param[in]      fips_selftest_context       A pointer to the fips_selftest_context.
 * @param[in]      fips_selftest_context_size  The size of fips_selftest_context.
 *
 * @retval true   import fips_selftest_context successful.
 * @retval false  spdm_context or fips_selftest_context is null, or
 *                fips_selftest_context_size is not sizeof(libspdm_fips_selftest_context_t).
 */
bool libspdm_import_fips_selftest_context_to_spdm_context(void *spdm_context,
                                                          void *fips_selftest_context,
                                                          size_t fips_selftest_context_size)
{
    libspdm_context_t *target = spdm_context;
    libspdm_fips_selftest_context_t *source = fips_selftest_context;

    /* Reject missing pointers and any size other than the exact structure size. */
    if ((target == NULL) || (source == NULL) ||
        (fips_selftest_context_size != sizeof(libspdm_fips_selftest_context_t))) {
        return false;
    }

    libspdm_copy_mem(&(target->fips_selftest_context),
                     sizeof(libspdm_fips_selftest_context_t),
                     source, sizeof(libspdm_fips_selftest_context_t));
    return true;
}
3074 :
/**
 * Export the fips_selftest_context held in the spdm_context.
 *
 * The structure is copied by value, including its selftest_buffer pointer; the
 * exported copy therefore refers to the same buffer as the SPDM context.
 *
 * @param[in]      spdm_context                A pointer to the spdm_context.
 * @param[in,out]  fips_selftest_context       A pointer to the fips_selftest_context.
 * @param[in]      fips_selftest_context_size  The size of fips_selftest_context.
 *
 * @retval true   export fips_selftest_context successful.
 * @retval false  spdm_context or fips_selftest_context is null, or
 *                fips_selftest_context_size is not sizeof(libspdm_fips_selftest_context_t).
 */
bool libspdm_export_fips_selftest_context_from_spdm_context(void *spdm_context,
                                                            void *fips_selftest_context,
                                                            size_t fips_selftest_context_size)
{
    libspdm_context_t *source = spdm_context;
    libspdm_fips_selftest_context_t *destination = fips_selftest_context;

    if ((source == NULL) || (destination == NULL)) {
        return false;
    }

    /* Only an exact size match is accepted, so the copy below cannot overrun the destination
     * as long as the caller's size is truthful. */
    if (fips_selftest_context_size != sizeof(libspdm_fips_selftest_context_t)) {
        return false;
    }

    libspdm_copy_mem(destination,
                     sizeof(libspdm_fips_selftest_context_t),
                     &(source->fips_selftest_context),
                     sizeof(libspdm_fips_selftest_context_t));
    return true;
}
3108 :
3109 : #endif /* LIBSPDM_FIPS_MODE */
3110 :
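/**
 * Initialize an SPDM context whose secured message contexts are supplied by the caller.
 *
 * The whole libspdm_context_t is zeroed and then populated with defaults: transcript
 * buffer capacities, the locally supported SPDM and secured-message versions, and
 * invalid session identifiers. Each entry of secured_contexts is attached to the
 * matching session_info slot and initialized.
 *
 * The argument checks were assertion-only. A count above LIBSPDM_MAX_SESSION_COUNT would
 * index session_info past the range the rest of this file iterates over, so it is now
 * also rejected at run time, as are NULL pointers. A count below LIBSPDM_MAX_SESSION_COUNT
 * is still caught only by the assertion.
 *
 * @param spdm_context          A pointer to the SPDM context to initialize.
 * @param secured_contexts      Array of num_secured_contexts secured message context pointers.
 * @param num_secured_contexts  Number of entries; expected to equal LIBSPDM_MAX_SESSION_COUNT.
 *
 * @retval LIBSPDM_STATUS_SUCCESS            The context was initialized.
 * @retval LIBSPDM_STATUS_INVALID_PARAMETER  spdm_context or secured_contexts is NULL,
 *                                           num_secured_contexts exceeds LIBSPDM_MAX_SESSION_COUNT,
 *                                           or an array entry is NULL. In the last case the
 *                                           context has already been zeroed and is only
 *                                           partly initialized.
 **/
libspdm_return_t libspdm_init_context_with_secured_context(void *spdm_context,
                                                           void **secured_contexts,
                                                           size_t num_secured_contexts)
{
    libspdm_context_t *context;
    size_t index;

    LIBSPDM_ASSERT(spdm_context != NULL);
    LIBSPDM_ASSERT(secured_contexts != NULL);
    LIBSPDM_ASSERT(num_secured_contexts == LIBSPDM_MAX_SESSION_COUNT);

    /* Run-time guards, placed before anything is written to the context. */
    if ((spdm_context == NULL) || (secured_contexts == NULL)) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }
    if (num_secured_contexts > LIBSPDM_MAX_SESSION_COUNT) {
        return LIBSPDM_STATUS_INVALID_PARAMETER;
    }

    context = spdm_context;
    libspdm_zero_mem(context, sizeof(libspdm_context_t));
    context->version = LIBSPDM_CONTEXT_STRUCT_VERSION;

    /* Each transcript buffer records its own capacity. */
    context->transcript.message_a.max_buffer_size =
        sizeof(context->transcript.message_a.buffer);
    context->transcript.message_d.max_buffer_size =
        sizeof(context->transcript.message_d.buffer);
#if LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT
    context->transcript.message_b.max_buffer_size =
        sizeof(context->transcript.message_b.buffer);
    context->transcript.message_c.max_buffer_size =
        sizeof(context->transcript.message_c.buffer);
    context->transcript.message_mut_b.max_buffer_size =
        sizeof(context->transcript.message_mut_b.buffer);
    context->transcript.message_mut_c.max_buffer_size =
        sizeof(context->transcript.message_mut_c.buffer);
    context->transcript.message_m.max_buffer_size =
        sizeof(context->transcript.message_m.buffer);
    context->transcript.message_e.max_buffer_size =
        sizeof(context->transcript.message_e.buffer);
    context->transcript.message_encap_e.max_buffer_size =
        sizeof(context->transcript.message_encap_e.buffer);
#endif
    context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;

    /* Default local SPDM version list.
     * NOTE(review): five entries are written; assumes SPDM_MAX_VERSION_COUNT and the
     * spdm_version array cover indices 0..4 - confirm. */
    context->local_context.version.spdm_version_count = SPDM_MAX_VERSION_COUNT;
    context->local_context.version.spdm_version[0] = SPDM_MESSAGE_VERSION_10 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[1] = SPDM_MESSAGE_VERSION_11 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[2] = SPDM_MESSAGE_VERSION_12 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[3] = SPDM_MESSAGE_VERSION_13 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.version.spdm_version[4] = SPDM_MESSAGE_VERSION_14 <<
                                                     SPDM_VERSION_NUMBER_SHIFT_BIT;

    /* Default local secured-message version list (three entries written). */
    context->local_context.secured_message_version.secured_message_version_count =
        SECURED_SPDM_MAX_VERSION_COUNT;
    context->local_context.secured_message_version.secured_message_version[0] =
        SECURED_SPDM_VERSION_10 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.secured_message_version.secured_message_version[1] =
        SECURED_SPDM_VERSION_11 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.secured_message_version.secured_message_version[2] =
        SECURED_SPDM_VERSION_12 << SPDM_VERSION_NUMBER_SHIFT_BIT;
    context->local_context.capability.st1 = SPDM_ST1_VALUE_US;

    context->mut_auth_cert_chain_buffer_size = 0;

    context->max_spdm_session_sequence_number = LIBSPDM_MAX_SPDM_SESSION_SEQUENCE_NUMBER;

    context->latest_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id_valid = false;
    context->last_spdm_request_size = 0;

    /* To be updated in libspdm_register_device_buffer_func */
    context->local_context.capability.data_transfer_size = 0;
    context->local_context.capability.sender_data_transfer_size = 0;
    context->local_context.capability.max_spdm_msg_size = 0;

    for (index = 0; index < num_secured_contexts; index++) {
        if (secured_contexts[index] == NULL) {
            return LIBSPDM_STATUS_INVALID_PARAMETER;
        }

        context->session_info[index].secured_message_context = secured_contexts[index];
        libspdm_secured_message_init_context(
            context->session_info[index].secured_message_context);
    }

    return LIBSPDM_STATUS_SUCCESS;
}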
3193 :
/**
 * Initialize an SPDM context that carries its secured message contexts inline.
 *
 * The secured message contexts are expected directly behind the libspdm_context_t,
 * one per session. The function takes no size argument, so it cannot verify the
 * allocation: the caller must provide at least libspdm_get_context_size() bytes,
 * otherwise the initialization writes past the end of the caller's memory.
 *
 * @param spdm_context  A pointer to memory of libspdm_get_context_size() bytes.
 *
 * @return the status of libspdm_init_context_with_secured_context.
 **/
libspdm_return_t libspdm_init_context(void *spdm_context)
{
    libspdm_context_t *context;
    void *secured_contexts[LIBSPDM_MAX_SESSION_COUNT];
    uint8_t *next_secured_context;
    size_t stride;
    size_t slot;

    LIBSPDM_ASSERT(spdm_context != NULL);

    /* libspdm_get_context_size() allocates space for all secured message
     * contexts. They are appended to the general SPDM context. */
    context = spdm_context;
    next_secured_context = (uint8_t *)(context + 1);
    stride = libspdm_secured_message_get_context_size();

    /* Carve the trailing region into one equally sized slice per session. */
    for (slot = 0; slot < LIBSPDM_MAX_SESSION_COUNT; slot++) {
        secured_contexts[slot] = next_secured_context;
        next_secured_context += stride;
    }

    return libspdm_init_context_with_secured_context(spdm_context,
                                                     secured_contexts,
                                                     LIBSPDM_MAX_SESSION_COUNT);
}
3219 :
/**
 * Reset the per-connection state of an SPDM context.
 *
 * Every session slot is re-initialized with INVALID_SESSION_ID, the message transcripts
 * are reset, and the negotiated version, capability and algorithm information is zeroed
 * together with the last error and the encapsulated-request context. The function does
 * not write to local_context. spdm_context is not checked for NULL.
 *
 * @param spdm_context  A pointer to the SPDM context.
 **/
void libspdm_reset_context(void *spdm_context)
{
    libspdm_context_t *context;
    size_t index;

    context = spdm_context;

    /* Clear all information about previous connection. Local context information is preserved. */

    /* Need to clear session information and message transcripts before negotiated algorithm
     * information is cleared. */
    for (index = 0; index < LIBSPDM_MAX_SESSION_COUNT; index++)
    {
        libspdm_session_info_init(context,
                                  &context->session_info[index],
                                  INVALID_SESSION_ID,
                                  0,
                                  false);
    }

    /* Connection-level transcripts; the NULL argument selects no session. */
    libspdm_reset_message_a(spdm_context);
    libspdm_reset_message_d(spdm_context);
    libspdm_reset_message_b(spdm_context);
    libspdm_reset_message_c(spdm_context);
    libspdm_reset_message_mut_b(spdm_context);
    libspdm_reset_message_mut_c(spdm_context);
    libspdm_reset_message_m(spdm_context, NULL);
    libspdm_reset_message_e(spdm_context, NULL);
    libspdm_reset_message_encap_e(spdm_context, NULL);

    /* Only now drop what was negotiated with the peer, so nothing from the previous
     * connection carries over into the next one. */
    context->connection_info.connection_state = LIBSPDM_CONNECTION_STATE_NOT_STARTED;
    libspdm_zero_mem(&context->connection_info.version, sizeof(spdm_version_number_t));
    libspdm_zero_mem(&context->connection_info.capability,
                     sizeof(libspdm_device_capability_t));
    libspdm_zero_mem(&context->connection_info.algorithm, sizeof(libspdm_device_algorithm_t));
    libspdm_zero_mem(&context->last_spdm_error, sizeof(libspdm_error_struct_t));
    libspdm_zero_mem(&context->encap_context, sizeof(libspdm_encap_context_t));
    context->connection_info.multi_key_conn_req = false;
    context->connection_info.multi_key_conn_rsp = false;
#if LIBSPDM_RESPOND_IF_READY_SUPPORT
    context->cache_spdm_request_size = 0;
#endif
    /* Request tracking and session counters return to the values set at initialization. */
    context->response_state = LIBSPDM_RESPONSE_STATE_NORMAL;
    context->current_token = 0;
    context->latest_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id = INVALID_SESSION_ID;
    context->last_spdm_request_session_id_valid = false;
    context->last_spdm_request_size = 0;
    context->mut_auth_cert_chain_buffer_size = 0;
    context->current_dhe_session_count = 0;
    context->current_psk_session_count = 0;
}
3272 :
/**
 * Free the memory of contexts within the SPDM context.
 * These are typically contexts whose memory has been allocated by the cryptography library.
 * This function does not free the SPDM context itself.
 *
 * spdm_context is not checked for NULL.
 *
 * @param[in]  spdm_context  A pointer to the SPDM context.
 *
 */
void libspdm_deinit_context(void *spdm_context)
{
    uint32_t session_id;
    libspdm_context_t *context;
    libspdm_session_info_t *session_info;
#if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT)
    void *pubkey_context;
    bool is_requester;
    uint8_t slot_index;
#endif

    context = spdm_context;

#if !(LIBSPDM_RECORD_TRANSCRIPT_DATA_SUPPORT)
    /* In this configuration each certificate slot may hold a leaf public key context
     * that has to be released through the matching free routine. */
    is_requester = context->local_context.is_requester;

    for (slot_index = 0; slot_index < SPDM_MAX_SLOT_COUNT; slot_index++) {
        pubkey_context = context->connection_info.peer_used_cert_chain[slot_index].
                         leaf_cert_public_key;

        if (pubkey_context != NULL) {
            /* The free routine is chosen by local role and by whether a PQC
             * algorithm was negotiated (non-zero algorithm field). */
            if (is_requester) {
                if (context->connection_info.algorithm.pqc_asym_algo != 0) {
                    libspdm_pqc_asym_free(
                        context->connection_info.algorithm.pqc_asym_algo, pubkey_context);
                } else {
                    libspdm_asym_free(
                        context->connection_info.algorithm.base_asym_algo, pubkey_context);
                }
            } else {
                if (context->connection_info.algorithm.req_pqc_asym_alg != 0) {
                    libspdm_req_pqc_asym_free(
                        context->connection_info.algorithm.req_pqc_asym_alg, pubkey_context);
                } else {
                    libspdm_req_asym_free(
                        context->connection_info.algorithm.req_base_asym_alg, pubkey_context);
                }
            }

            /* Clear the slot so a second deinit does not free the same key again. */
            context->connection_info.peer_used_cert_chain[slot_index].leaf_cert_public_key = NULL;
        }
    }
#endif

    /* Connection-level transcripts. context and spdm_context are the same pointer. */
    libspdm_reset_message_a(context);
    libspdm_reset_message_d(context);
    libspdm_reset_message_b(context);
    libspdm_reset_message_c(context);
    libspdm_reset_message_mut_b(context);
    libspdm_reset_message_mut_c(context);
    libspdm_reset_message_m(spdm_context, NULL);
    libspdm_reset_message_e(spdm_context, NULL);
    libspdm_reset_message_encap_e(spdm_context, NULL);
    /* Per-session transcripts, for every session slot. */
    for (session_id = 0; session_id < LIBSPDM_MAX_SESSION_COUNT; session_id++) {
        session_info = &context->session_info[session_id];
        libspdm_reset_message_m(context, session_info);
        libspdm_reset_message_e(context, session_info);
        libspdm_reset_message_encap_e(context, session_info);
        libspdm_reset_message_encap_d(context, session_info);
        libspdm_reset_message_k(context, session_info);
        libspdm_reset_message_f(context, session_info);
    }
}
3344 :
/**
 * Return the size in bytes of the SPDM context, including the secured message
 * context of every session.
 *
 * This is the amount of memory libspdm_init_context expects behind the pointer it
 * is given. For just the SPDM context size, use
 * libspdm_get_context_size_without_secured_context.
 *
 * @return the size in bytes of the SPDM context and secured message contexts.
 **/
size_t libspdm_get_context_size(void)
{
    const size_t secured_total =
        libspdm_secured_message_get_context_size() * LIBSPDM_MAX_SESSION_COUNT;
    const size_t total = sizeof(libspdm_context_t) + secured_total;

    /* The computed size must agree with the compile-time constant. */
    LIBSPDM_ASSERT (total == LIBSPDM_CONTEXT_SIZE_ALL);
    return total;
}
3362 :
/**
 * Return the size in bytes of the SPDM context alone, with no secured message contexts.
 *
 * For the complete context size, use libspdm_get_context_size.
 *
 * @return the size in bytes of the SPDM context.
 **/
size_t libspdm_get_context_size_without_secured_context(void)
{
    const size_t context_only = sizeof(libspdm_context_t);

    /* The structure size must agree with the compile-time constant. */
    LIBSPDM_ASSERT (context_only == LIBSPDM_CONTEXT_SIZE_WITHOUT_SECURED_CONTEXT);
    return context_only;
}
3378 :
/**
 * Return the SPDMversion field of the version number struct.
 *
 * The field is the part of the value above SPDM_VERSION_NUMBER_SHIFT_BIT,
 * truncated to eight bits; the lower bits are discarded.
 *
 * @param ver  Spdm version number struct.
 *
 * @return the SPDMversion of the version number struct.
 **/
uint8_t libspdm_get_version_from_version_number(const spdm_version_number_t ver)
{
    const spdm_version_number_t upper_bits = ver >> SPDM_VERSION_NUMBER_SHIFT_BIT;

    return (uint8_t)upper_bits;
}
3390 :
/**
 * Sort a set of version numbers in place, in descending order.
 *
 * Entries are compared as whole version number values, not by their SPDMversion
 * field alone. Sets with fewer than two entries are left untouched.
 *
 * @param ver_set  A pointer to the version set.
 * @param ver_num  Number of entries in ver_set.
 */
void libspdm_version_number_sort(spdm_version_number_t *ver_set, size_t ver_num)
{
    size_t target;
    size_t candidate;
    size_t largest;
    spdm_version_number_t held;

    if (ver_num <= 1) {
        return;
    }

    /* Selection sort: move the largest remaining entry into each position in turn. */
    for (target = 0; target < ver_num; target++) {
        largest = target;
        for (candidate = target + 1; candidate < ver_num; candidate++) {
            if (ver_set[candidate] > ver_set[largest]) {
                largest = candidate;
            }
        }

        /* Swap ver_set[target] with ver_set[largest]. */
        held = ver_set[target];
        ver_set[target] = ver_set[largest];
        ver_set[largest] = held;
    }
}
3422 :
/**
 * Negotiate SPDMversion for connection.
 *
 * Both sets are copied into local arrays and sorted in descending order, so the
 * caller's arrays are not modified. The result is the highest responder version
 * whose SPDMversion field also appears in the requester set; the value stored is
 * the requester's entry, including its lower bits. Each set is limited to
 * LIBSPDM_MAX_VERSION_COUNT entries, which bounds the copies into the local
 * arrays. common_version is not checked for NULL.
 *
 * @param common_version  A pointer to store the common version.
 * @param req_ver_set     A pointer to the requester version set.
 * @param req_ver_num     Number of entries in the requester version set.
 * @param res_ver_set     A pointer to the responder version set.
 * @param res_ver_num     Number of entries in the responder version set.
 *
 * @retval true   Negotiation succeeded; the common version is saved to common_version.
 * @retval false  Negotiation failed: a set is NULL, empty or larger than
 *                LIBSPDM_MAX_VERSION_COUNT, or the sets share no version.
 */
bool libspdm_negotiate_connection_version(spdm_version_number_t *common_version,
                                          spdm_version_number_t *req_ver_set,
                                          size_t req_ver_num,
                                          const spdm_version_number_t *res_ver_set,
                                          size_t res_ver_num)
{
    spdm_version_number_t sorted_req[LIBSPDM_MAX_VERSION_COUNT];
    spdm_version_number_t sorted_res[LIBSPDM_MAX_VERSION_COUNT];
    size_t req_pos;
    size_t res_pos;
    uint8_t res_version;

    /* Size limits first: they bound the copies into the local arrays. */
    if ((req_ver_num > LIBSPDM_MAX_VERSION_COUNT) || (res_ver_num > LIBSPDM_MAX_VERSION_COUNT)) {
        return false;
    }

    if ((req_ver_set == NULL) || (res_ver_set == NULL) ||
        (req_ver_num == 0) || (res_ver_num == 0)) {
        return false;
    }

    libspdm_zero_mem(sorted_req, sizeof(sorted_req));
    libspdm_zero_mem(sorted_res, sizeof(sorted_res));

    libspdm_copy_mem(sorted_req, sizeof(sorted_req),
                     req_ver_set, sizeof(spdm_version_number_t) * req_ver_num);
    libspdm_copy_mem(sorted_res, sizeof(sorted_res),
                     res_ver_set, sizeof(spdm_version_number_t) * res_ver_num);

    /* Sort SPDMversion in descending order. */
    libspdm_version_number_sort(sorted_req, req_ver_num);
    libspdm_version_number_sort(sorted_res, res_ver_num);

    /* Walk the responder versions from highest to lowest and stop at the first one
     * the requester also lists; that is the highest version both sides share. */
    for (res_pos = 0; res_pos < res_ver_num; res_pos++) {
        res_version = libspdm_get_version_from_version_number(sorted_res[res_pos]);

        for (req_pos = 0; req_pos < req_ver_num; req_pos++) {
            if (libspdm_get_version_from_version_number(sorted_req[req_pos]) != res_version) {
                continue;
            }

            *common_version = sorted_req[req_pos];
            return true;
        }
    }

    return false;
}
3482 :
3483 : #if LIBSPDM_EVENT_RECIPIENT_SUPPORT
/**
 * Register the function that processes received events.
 *
 * The pointer is stored in the context as given; neither argument is validated here.
 *
 * @param context             A pointer to the SPDM context.
 * @param process_event_func  The event processing callback to store.
 **/
void libspdm_register_event_callback(void *context,
                                     libspdm_process_event_func process_event_func)
{
    libspdm_context_t *spdm_context = context;

    spdm_context->process_event = process_event_func;
}
3492 : #endif /* LIBSPDM_EVENT_RECIPIENT_SUPPORT */