LCOV - code coverage report
Current view: top level - library/spdm_requester_lib - libspdm_req_get_key_pair_info.c (source / functions) Coverage Total Hit
Test: coverage.info Lines: 49.1 % 171 84
Test Date: 2025-08-24 08:11:14 Functions: 66.7 % 3 2

            Line data    Source code
       1              : /**
       2              :  *  Copyright Notice:
       3              :  *  Copyright 2024-2025 DMTF. All rights reserved.
       4              :  *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
       5              :  **/
       6              : 
       7              : #include "internal/libspdm_requester_lib.h"
       8              : 
       9              : #if LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP
      10              : 
      11              : typedef struct {
      12              :     spdm_message_header_t header;
      13              :     uint8_t total_key_pairs;
      14              :     uint8_t key_pair_id;
      15              :     uint16_t capabilities;
      16              :     uint16_t key_usage_capabilities;
      17              :     uint16_t current_key_usage;
      18              :     uint32_t asym_algo_capabilities;
      19              :     uint32_t current_asym_algo;
      20              :     uint16_t public_key_info_len;
      21              :     uint8_t assoc_cert_slot_mask;
      22              :     uint8_t public_key_info[SPDM_MAX_PUBLIC_KEY_INFO_LEN];
      23              :     uint8_t pqc_asym_algo_cap_len;
      24              :     uint32_t pqc_asym_algo_capabilities;
      25              :     uint8_t current_pqc_asym_algo_len;
      26              :     uint32_t current_pqc_asym_algo;
      27              : } libspdm_key_pair_info_response_max_t;
      28              : 
      29              : /**
      30              :  * This function sends GET_KEY_PAIR_INFO and receives KEY_PAIR_INFO *
      31              :  *
      32              :  * @param  context             A pointer to the SPDM context.
      33              :  *
      34              :  **/
      35            2 : static libspdm_return_t libspdm_try_get_key_pair_info(libspdm_context_t *spdm_context,
      36              :                                                       const uint32_t *session_id,
      37              :                                                       uint8_t key_pair_id,
      38              :                                                       uint8_t *total_key_pairs,
      39              :                                                       uint16_t *capabilities,
      40              :                                                       uint16_t *key_usage_capabilities,
      41              :                                                       uint16_t *current_key_usage,
      42              :                                                       uint32_t *asym_algo_capabilities,
      43              :                                                       uint32_t *current_asym_algo,
      44              :                                                       uint32_t *pqc_asym_algo_capabilities,
      45              :                                                       uint32_t *current_pqc_asym_algo,
      46              :                                                       uint8_t *assoc_cert_slot_mask,
      47              :                                                       uint16_t *public_key_info_len,
      48              :                                                       void *public_key_info
      49              :                                                       )
      50              : {
      51              :     libspdm_return_t status;
      52              :     spdm_get_key_pair_info_request_t *spdm_request;
      53              :     size_t spdm_request_size;
      54              :     libspdm_key_pair_info_response_max_t *spdm_response;
      55              :     size_t spdm_response_size;
      56              :     uint8_t *message;
      57              :     size_t message_size;
      58              :     size_t transport_header_size;
      59              :     libspdm_session_info_t *session_info;
      60              :     libspdm_session_state_t session_state;
      61              :     uint8_t pqc_asym_algo_cap_len;
      62              :     uint8_t current_pqc_asym_algo_len;
      63              :     uint8_t *ptr;
      64              :     uint32_t rsp_pqc_asym_algo_capabilities;
      65              :     uint32_t rsp_current_pqc_asym_algo;
      66              : 
      67              :     /* -=[Check Parameters Phase]=- */
      68            2 :     if (libspdm_get_connection_version(spdm_context) < SPDM_MESSAGE_VERSION_13) {
      69            0 :         return LIBSPDM_STATUS_UNSUPPORTED_CAP;
      70              :     }
      71              : 
      72            2 :     if (key_pair_id == 0) {
      73            0 :         return LIBSPDM_STATUS_INVALID_PARAMETER;
      74              :     }
      75              : 
      76              :     /* -=[Verify State Phase]=- */
      77            2 :     if (!libspdm_is_capabilities_flag_supported(
      78              :             spdm_context, true, 0,
      79              :             SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_GET_KEY_PAIR_INFO_CAP)) {
      80            0 :         return LIBSPDM_STATUS_UNSUPPORTED_CAP;
      81              :     }
      82            2 :     if (spdm_context->connection_info.connection_state < LIBSPDM_CONNECTION_STATE_NEGOTIATED) {
      83            0 :         return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
      84              :     }
      85              : 
      86            2 :     session_info = NULL;
      87            2 :     if (session_id != NULL) {
      88            0 :         session_info = libspdm_get_session_info_via_session_id(spdm_context, *session_id);
      89            0 :         if (session_info == NULL) {
      90            0 :             return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
      91              :         }
      92            0 :         session_state = libspdm_secured_message_get_session_state(
      93              :             session_info->secured_message_context);
      94            0 :         if (session_state != LIBSPDM_SESSION_STATE_ESTABLISHED) {
      95            0 :             return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
      96              :         }
      97              :     }
      98              : 
      99              :     /* -=[Construct Request Phase]=- */
     100            2 :     transport_header_size = spdm_context->local_context.capability.transport_header_size;
     101            2 :     status = libspdm_acquire_sender_buffer (spdm_context, &message_size, (void **)&message);
     102            2 :     if (LIBSPDM_STATUS_IS_ERROR(status)) {
     103            0 :         return status;
     104              :     }
     105            2 :     LIBSPDM_ASSERT (message_size >= transport_header_size +
     106              :                     spdm_context->local_context.capability.transport_tail_size);
     107            2 :     spdm_request = (void *)(message + transport_header_size);
     108            2 :     spdm_request_size = message_size - transport_header_size -
     109            2 :                         spdm_context->local_context.capability.transport_tail_size;
     110              : 
     111            2 :     LIBSPDM_ASSERT(spdm_request_size >= sizeof(spdm_get_key_pair_info_request_t));
     112            2 :     spdm_request->header.spdm_version = libspdm_get_connection_version (spdm_context);
     113            2 :     spdm_request->header.request_response_code = SPDM_GET_KEY_PAIR_INFO;
     114            2 :     spdm_request->header.param1 = 0;
     115            2 :     spdm_request->header.param2 = 0;
     116            2 :     spdm_request->key_pair_id = key_pair_id;
     117            2 :     spdm_request_size = sizeof(spdm_get_key_pair_info_request_t);
     118              : 
     119              :     /* -=[Send Request Phase]=- */
     120            2 :     status = libspdm_send_spdm_request(spdm_context, session_id, spdm_request_size, spdm_request);
     121            2 :     if (LIBSPDM_STATUS_IS_ERROR(status)) {
     122            1 :         libspdm_release_sender_buffer (spdm_context);
     123            1 :         return status;
     124              :     }
     125            1 :     libspdm_release_sender_buffer (spdm_context);
     126            1 :     spdm_request = (void *)spdm_context->last_spdm_request;
     127              : 
     128              :     /* -=[Receive Response Phase]=- */
     129            1 :     status = libspdm_acquire_receiver_buffer (spdm_context, &message_size, (void **)&message);
     130            1 :     if (LIBSPDM_STATUS_IS_ERROR(status)) {
     131            0 :         return status;
     132              :     }
     133            1 :     LIBSPDM_ASSERT (message_size >= transport_header_size);
     134            1 :     spdm_response = (void *)(message);
     135            1 :     spdm_response_size = message_size;
     136              : 
     137            1 :     status = libspdm_receive_spdm_response(
     138              :         spdm_context, session_id, &spdm_response_size, (void **)&spdm_response);
     139            1 :     if (LIBSPDM_STATUS_IS_ERROR(status)) {
     140            0 :         goto receive_done;
     141              :     }
     142              : 
     143              :     /* -=[Validate Response Phase]=- */
     144            1 :     if (spdm_response_size < sizeof(spdm_message_header_t)) {
     145            0 :         status = LIBSPDM_STATUS_INVALID_MSG_SIZE;
     146            0 :         goto receive_done;
     147              :     }
     148            1 :     if (spdm_response->header.request_response_code == SPDM_ERROR) {
     149            0 :         status = libspdm_handle_error_response_main(
     150              :             spdm_context, session_id,
     151              :             &spdm_response_size,
     152              :             (void **)&spdm_response, SPDM_GET_KEY_PAIR_INFO, SPDM_KEY_PAIR_INFO);
     153            0 :         if (LIBSPDM_STATUS_IS_ERROR(status)) {
     154            0 :             goto receive_done;
     155              :         }
     156            1 :     } else if (spdm_response->header.request_response_code != SPDM_KEY_PAIR_INFO) {
     157            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     158            0 :         goto receive_done;
     159              :     }
     160            1 :     if (spdm_response->header.spdm_version != spdm_request->header.spdm_version) {
     161            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     162            0 :         goto receive_done;
     163              :     }
     164              : 
     165            1 :     if ((spdm_response->key_pair_id != key_pair_id) ||
     166            1 :         (spdm_response->key_pair_id > (spdm_response->total_key_pairs))) {
     167            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     168            0 :         goto receive_done;
     169              :     }
     170              : 
     171            1 :     if (spdm_response_size < sizeof(spdm_key_pair_info_response_t)) {
     172            0 :         status = LIBSPDM_STATUS_INVALID_MSG_SIZE;
     173            0 :         goto receive_done;
     174              :     }
     175              : 
     176            1 :     if (spdm_response_size < sizeof(spdm_key_pair_info_response_t) +
     177            1 :         spdm_response->public_key_info_len) {
     178            0 :         status = LIBSPDM_STATUS_INVALID_MSG_SIZE;
     179            0 :         goto receive_done;
     180              :     }
     181              : 
     182            1 :     rsp_pqc_asym_algo_capabilities = 0;
     183            1 :     rsp_current_pqc_asym_algo = 0;
     184            1 :     if (spdm_response->header.spdm_version >= SPDM_MESSAGE_VERSION_14) {
     185            0 :         if (spdm_response_size < sizeof(spdm_key_pair_info_response_t) +
     186            0 :             spdm_response->public_key_info_len + sizeof(uint8_t)) {
     187            0 :             status = LIBSPDM_STATUS_INVALID_MSG_SIZE;
     188            0 :             goto receive_done;
     189              :         }
     190            0 :         ptr = (uint8_t *)spdm_response + sizeof(spdm_key_pair_info_response_t) + spdm_response->public_key_info_len;
     191              : 
     192            0 :         pqc_asym_algo_cap_len = *ptr;
     193            0 :         if (spdm_response_size < sizeof(spdm_key_pair_info_response_t) +
     194            0 :             spdm_response->public_key_info_len + sizeof(uint8_t) + pqc_asym_algo_cap_len + sizeof(uint8_t)) {
     195            0 :             status = LIBSPDM_STATUS_INVALID_MSG_SIZE;
     196            0 :             goto receive_done;
     197              :         }
     198            0 :         if (pqc_asym_algo_cap_len > sizeof(uint32_t)) {
     199            0 :             pqc_asym_algo_cap_len = sizeof(uint32_t);
     200              :         }
     201            0 :         libspdm_copy_mem (&rsp_pqc_asym_algo_capabilities, sizeof(rsp_pqc_asym_algo_capabilities),
     202            0 :                           ptr + sizeof(uint8_t), pqc_asym_algo_cap_len);
     203              : 
     204            0 :         current_pqc_asym_algo_len = *(ptr + sizeof(uint8_t) + pqc_asym_algo_cap_len);
     205            0 :         if (current_pqc_asym_algo_len > sizeof(uint32_t)) {
     206            0 :             current_pqc_asym_algo_len = sizeof(uint32_t);
     207              :         }
     208            0 :         libspdm_copy_mem (&rsp_current_pqc_asym_algo, sizeof(rsp_current_pqc_asym_algo),
     209            0 :                           ptr + sizeof(uint8_t) + pqc_asym_algo_cap_len + sizeof(uint8_t), current_pqc_asym_algo_len);
     210              : 
     211            0 :         rsp_pqc_asym_algo_capabilities &= SPDM_KEY_PAIR_PQC_ASYM_ALGO_CAP_MASK;
     212            0 :         rsp_current_pqc_asym_algo &= SPDM_KEY_PAIR_PQC_ASYM_ALGO_CAP_MASK;
     213              :     } else {
     214            1 :         spdm_response_size = sizeof(spdm_key_pair_info_response_t) + spdm_response->public_key_info_len;
     215              :     }
     216              : 
     217              :     /* -=[Process Response Phase]=- */
     218            1 :     *key_usage_capabilities = (spdm_response->key_usage_capabilities) & SPDM_KEY_USAGE_BIT_MASK;
     219            1 :     if (*key_usage_capabilities == 0) {
     220            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     221            0 :         goto receive_done;
     222              :     }
     223            1 :     *current_key_usage = (spdm_response->current_key_usage) & SPDM_KEY_USAGE_BIT_MASK;
     224            1 :     if ((*key_usage_capabilities | *current_key_usage) != *key_usage_capabilities) {
     225            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     226            0 :         goto receive_done;
     227              :     }
     228              : 
     229            1 :     *asym_algo_capabilities = (spdm_response->asym_algo_capabilities) &
     230              :                               SPDM_KEY_PAIR_ASYM_ALGO_CAP_MASK;
     231            1 :     if (*asym_algo_capabilities == 0) {
     232            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     233            0 :         goto receive_done;
     234              :     }
     235            1 :     *current_asym_algo = (spdm_response->current_asym_algo) & SPDM_KEY_PAIR_ASYM_ALGO_CAP_MASK;
     236            1 :     if (!libspdm_onehot0(*current_asym_algo)) {
     237            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     238            0 :         goto receive_done;
     239              :     }
     240            1 :     if ((*asym_algo_capabilities | *current_asym_algo) != *asym_algo_capabilities) {
     241            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     242            0 :         goto receive_done;
     243              :     }
     244              : 
     245            1 :     if (!libspdm_onehot0(rsp_current_pqc_asym_algo)) {
     246            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     247            0 :         goto receive_done;
     248              :     }
     249            1 :     if ((rsp_pqc_asym_algo_capabilities | rsp_current_pqc_asym_algo) != rsp_pqc_asym_algo_capabilities) {
     250            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     251            0 :         goto receive_done;
     252              :     }
     253            1 :     if ((*current_asym_algo != 0) && (rsp_current_pqc_asym_algo != 0)) {
     254            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     255            0 :         goto receive_done;
     256              :     }
     257              : 
     258            1 :     if (pqc_asym_algo_capabilities != NULL) {
     259            0 :         *pqc_asym_algo_capabilities = rsp_pqc_asym_algo_capabilities;
     260              :     }
     261            1 :     if (current_pqc_asym_algo != NULL) {
     262            0 :         *current_pqc_asym_algo = rsp_current_pqc_asym_algo;
     263              :     }
     264              : 
     265              :     /*If responder doesn't support SET_KEY_PAIR_INFO_CAP,the capabilities should be 0*/
     266            1 :     if ((!libspdm_is_capabilities_flag_supported(
     267              :              spdm_context, true, 0,
     268            0 :              SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP)) &&
     269            0 :         ((spdm_response->capabilities & SPDM_KEY_PAIR_CAP_MASK) != 0)) {
     270            0 :         status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
     271            0 :         goto receive_done;
     272              :     }
     273              : 
     274            1 :     *total_key_pairs = spdm_response->total_key_pairs;
     275            1 :     *capabilities = spdm_response->capabilities & SPDM_KEY_PAIR_CAP_MASK;
     276              : 
     277            1 :     if (*public_key_info_len < spdm_response->public_key_info_len) {
     278            0 :         status = LIBSPDM_STATUS_BUFFER_FULL;
     279            0 :         goto receive_done;
     280              :     }
     281            1 :     *public_key_info_len = spdm_response->public_key_info_len;
     282            1 :     *assoc_cert_slot_mask = spdm_response->assoc_cert_slot_mask;
     283              : 
     284            1 :     libspdm_copy_mem(public_key_info,
     285            1 :                      spdm_response->public_key_info_len,
     286            1 :                      spdm_response->public_key_info,
     287            1 :                      spdm_response->public_key_info_len);
     288              : 
     289            1 :     status = LIBSPDM_STATUS_SUCCESS;
     290              : 
     291              :     /* -=[Log Message Phase]=- */
     292              :     #if LIBSPDM_ENABLE_MSG_LOG
     293            1 :     libspdm_append_msg_log(spdm_context, spdm_response, spdm_response_size);
     294              :     #endif /* LIBSPDM_ENABLE_MSG_LOG */
     295              : 
     296            1 : receive_done:
     297            1 :     libspdm_release_receiver_buffer (spdm_context);
     298            1 :     return status;
     299              : }
     300              : 
     301            0 : libspdm_return_t libspdm_get_key_pair_info_with_pqc(void *spdm_context, const uint32_t *session_id,
     302              :                                                     uint8_t key_pair_id, uint8_t *total_key_pairs,
     303              :                                                     uint16_t *capabilities,
     304              :                                                     uint16_t *key_usage_capabilities,
     305              :                                                     uint16_t *current_key_usage,
     306              :                                                     uint32_t *asym_algo_capabilities,
     307              :                                                     uint32_t *current_asym_algo,
     308              :                                                     uint32_t *pqc_asym_algo_capabilities,
     309              :                                                     uint32_t *current_pqc_asym_algo,
     310              :                                                     uint8_t *assoc_cert_slot_mask,
     311              :                                                     uint16_t *public_key_info_len,
     312              :                                                     void *public_key_info
     313              :                                                     )
     314              : {
     315              :     libspdm_context_t *context;
     316              :     size_t retry;
     317              :     uint64_t retry_delay_time;
     318              :     libspdm_return_t status;
     319              : 
     320            0 :     context = spdm_context;
     321            0 :     context->crypto_request = true;
     322            0 :     retry = context->retry_times;
     323            0 :     retry_delay_time = context->retry_delay_time;
     324              :     do {
     325            0 :         status = libspdm_try_get_key_pair_info(context, session_id, key_pair_id,
     326              :                                                total_key_pairs, capabilities,
     327              :                                                key_usage_capabilities, current_key_usage,
     328              :                                                asym_algo_capabilities, current_asym_algo,
     329              :                                                pqc_asym_algo_capabilities, current_pqc_asym_algo,
     330              :                                                assoc_cert_slot_mask, public_key_info_len,
     331              :                                                public_key_info);
     332            0 :         if (status != LIBSPDM_STATUS_BUSY_PEER) {
     333            0 :             return status;
     334              :         }
     335              : 
     336            0 :         libspdm_sleep(retry_delay_time);
     337            0 :     } while (retry-- != 0);
     338              : 
     339            0 :     return status;
     340              : }
     341              : 
     342            2 : libspdm_return_t libspdm_get_key_pair_info(void *spdm_context, const uint32_t *session_id,
     343              :                                            uint8_t key_pair_id, uint8_t *total_key_pairs,
     344              :                                            uint16_t *capabilities,
     345              :                                            uint16_t *key_usage_capabilities,
     346              :                                            uint16_t *current_key_usage,
     347              :                                            uint32_t *asym_algo_capabilities,
     348              :                                            uint32_t *current_asym_algo,
     349              :                                            uint8_t *assoc_cert_slot_mask,
     350              :                                            uint16_t *public_key_info_len,
     351              :                                            void *public_key_info
     352              :                                            )
     353              : {
     354              :     libspdm_context_t *context;
     355              :     size_t retry;
     356              :     uint64_t retry_delay_time;
     357              :     libspdm_return_t status;
     358              : 
     359            2 :     context = spdm_context;
     360            2 :     context->crypto_request = true;
     361            2 :     retry = context->retry_times;
     362            2 :     retry_delay_time = context->retry_delay_time;
     363              :     do {
     364            2 :         status = libspdm_try_get_key_pair_info(context, session_id, key_pair_id,
     365              :                                                total_key_pairs, capabilities,
     366              :                                                key_usage_capabilities, current_key_usage,
     367              :                                                asym_algo_capabilities, current_asym_algo,
     368              :                                                NULL, NULL,
     369              :                                                assoc_cert_slot_mask, public_key_info_len,
     370              :                                                public_key_info);
     371            2 :         if (status != LIBSPDM_STATUS_BUSY_PEER) {
     372            2 :             return status;
     373              :         }
     374              : 
     375            0 :         libspdm_sleep(retry_delay_time);
     376            0 :     } while (retry-- != 0);
     377              : 
     378            0 :     return status;
     379              : }
     380              : 
     381              : #endif /* LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP */
        

Generated by: LCOV version 2.0-1