Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2024 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_requester_lib.h"
8 :
9 : #if LIBSPDM_ENABLE_CAPABILITY_SET_KEY_PAIR_INFO_CAP
10 :
11 : /**
12 : * This function sends SET_KEY_PAIR_INFO and receives SET_KEY_PAIR_INFO_ACK
13 : *
14 : * @param context A pointer to the SPDM context.
15 : *
16 : **/
17 5 : static libspdm_return_t libspdm_try_set_key_pair_info(libspdm_context_t *spdm_context,
18 : const uint32_t *session_id,
19 : uint8_t key_pair_id,
20 : uint8_t operation,
21 : uint16_t desired_key_usage,
22 : uint32_t desired_asym_algo,
23 : uint8_t desired_assoc_cert_slot_mask
24 : )
25 : {
26 : libspdm_return_t status;
27 : spdm_set_key_pair_info_request_t *spdm_request;
28 : size_t spdm_request_size;
29 : spdm_set_key_pair_info_ack_response_t *spdm_response;
30 : size_t spdm_response_size;
31 : uint8_t *message;
32 : size_t message_size;
33 : size_t transport_header_size;
34 : libspdm_session_info_t *session_info;
35 : libspdm_session_state_t session_state;
36 : uint8_t *ptr;
37 :
38 : /* -=[Check Parameters Phase]=- */
39 5 : if (libspdm_get_connection_version(spdm_context) < SPDM_MESSAGE_VERSION_13) {
40 0 : return LIBSPDM_STATUS_UNSUPPORTED_CAP;
41 : }
42 :
43 5 : if (key_pair_id == 0) {
44 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
45 : }
46 :
47 5 : if (operation > SPDM_SET_KEY_PAIR_INFO_GENERATE_OPERATION) {
48 0 : return LIBSPDM_STATUS_INVALID_PARAMETER;
49 : }
50 5 : if (operation == SPDM_SET_KEY_PAIR_INFO_ERASE_OPERATION) {
51 5 : if ((desired_key_usage != 0) || (desired_asym_algo != 0) ||
52 : (desired_assoc_cert_slot_mask != 0)) {
53 1 : return LIBSPDM_STATUS_INVALID_PARAMETER;
54 : }
55 : }
56 :
57 : /* -=[Verify State Phase]=- */
58 4 : if (!libspdm_is_capabilities_flag_supported(
59 : spdm_context, true, 0,
60 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP)) {
61 0 : return LIBSPDM_STATUS_UNSUPPORTED_CAP;
62 : }
63 4 : if (spdm_context->connection_info.connection_state < LIBSPDM_CONNECTION_STATE_NEGOTIATED) {
64 0 : return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
65 : }
66 :
67 4 : session_info = NULL;
68 4 : if (session_id != NULL) {
69 0 : session_info = libspdm_get_session_info_via_session_id(spdm_context, *session_id);
70 0 : if (session_info == NULL) {
71 0 : return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
72 : }
73 0 : session_state = libspdm_secured_message_get_session_state(
74 : session_info->secured_message_context);
75 0 : if (session_state != LIBSPDM_SESSION_STATE_ESTABLISHED) {
76 0 : return LIBSPDM_STATUS_INVALID_STATE_LOCAL;
77 : }
78 : }
79 :
80 : /* -=[Construct Request Phase]=- */
81 4 : transport_header_size = spdm_context->local_context.capability.transport_header_size;
82 4 : status = libspdm_acquire_sender_buffer (spdm_context, &message_size, (void **)&message);
83 4 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
84 0 : return status;
85 : }
86 4 : LIBSPDM_ASSERT (message_size >= transport_header_size +
87 : spdm_context->local_context.capability.transport_tail_size);
88 4 : spdm_request = (void *)(message + transport_header_size);
89 4 : spdm_request_size = message_size - transport_header_size -
90 4 : spdm_context->local_context.capability.transport_tail_size;
91 :
92 4 : LIBSPDM_ASSERT(spdm_request_size >= sizeof(spdm_set_key_pair_info_request_t));
93 4 : spdm_request->header.spdm_version = libspdm_get_connection_version (spdm_context);
94 4 : spdm_request->header.request_response_code = SPDM_SET_KEY_PAIR_INFO;
95 4 : spdm_request->header.param1 = operation;
96 4 : spdm_request->header.param2 = 0;
97 4 : spdm_request->key_pair_id = key_pair_id;
98 :
99 4 : if (operation != SPDM_SET_KEY_PAIR_INFO_ERASE_OPERATION) {
100 0 : LIBSPDM_ASSERT(spdm_request_size >= sizeof(spdm_set_key_pair_info_request_t) +
101 : sizeof(uint8_t) + sizeof(uint16_t) + sizeof(uint32_t) + sizeof(uint8_t));
102 0 : ptr = (uint8_t*)(spdm_request + 1);
103 0 : *ptr = 0;
104 0 : ptr += sizeof(uint8_t);
105 :
106 0 : libspdm_write_uint16 (ptr, desired_key_usage);
107 0 : ptr += sizeof(uint16_t);
108 :
109 0 : libspdm_write_uint32 (ptr, desired_asym_algo);
110 0 : ptr += sizeof(uint32_t);
111 :
112 0 : *ptr = desired_assoc_cert_slot_mask;
113 0 : ptr += sizeof(uint8_t);
114 0 : spdm_request_size = ((size_t)ptr - (size_t)spdm_request);
115 : } else {
116 4 : spdm_request_size = sizeof(spdm_set_key_pair_info_request_t);
117 : }
118 :
119 : /* -=[Send Request Phase]=- */
120 4 : status = libspdm_send_spdm_request(spdm_context, session_id, spdm_request_size, spdm_request);
121 4 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
122 1 : libspdm_release_sender_buffer (spdm_context);
123 1 : return status;
124 : }
125 3 : libspdm_release_sender_buffer (spdm_context);
126 3 : spdm_request = (void *)spdm_context->last_spdm_request;
127 :
128 : /* -=[Receive Response Phase]=- */
129 3 : status = libspdm_acquire_receiver_buffer (spdm_context, &message_size, (void **)&message);
130 3 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
131 0 : return status;
132 : }
133 3 : LIBSPDM_ASSERT (message_size >= transport_header_size);
134 3 : spdm_response = (void *)(message);
135 3 : spdm_response_size = message_size;
136 :
137 3 : status = libspdm_receive_spdm_response(
138 : spdm_context, session_id, &spdm_response_size, (void **)&spdm_response);
139 3 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
140 0 : goto receive_done;
141 : }
142 :
143 : /* -=[Validate Response Phase]=- */
144 3 : if (spdm_response_size < sizeof(spdm_message_header_t)) {
145 0 : status = LIBSPDM_STATUS_INVALID_MSG_SIZE;
146 0 : goto receive_done;
147 : }
148 3 : if (spdm_response->header.spdm_version != spdm_request->header.spdm_version) {
149 1 : status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
150 1 : goto receive_done;
151 : }
152 2 : if (spdm_response->header.request_response_code == SPDM_ERROR) {
153 0 : status = libspdm_handle_error_response_main(
154 : spdm_context, session_id,
155 : &spdm_response_size,
156 : (void **)&spdm_response, SPDM_SET_KEY_PAIR_INFO, SPDM_SET_KEY_PAIR_INFO_ACK);
157 0 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
158 0 : goto receive_done;
159 : }
160 2 : } else if (spdm_response->header.request_response_code != SPDM_SET_KEY_PAIR_INFO_ACK) {
161 1 : status = LIBSPDM_STATUS_INVALID_MSG_FIELD;
162 1 : goto receive_done;
163 : }
164 :
165 1 : spdm_response_size = sizeof(spdm_set_key_pair_info_ack_response_t);
166 :
167 1 : status = LIBSPDM_STATUS_SUCCESS;
168 :
169 : /* -=[Log Message Phase]=- */
170 : #if LIBSPDM_ENABLE_MSG_LOG
171 1 : libspdm_append_msg_log(spdm_context, spdm_response, spdm_response_size);
172 : #endif /* LIBSPDM_ENABLE_MSG_LOG */
173 :
174 3 : receive_done:
175 3 : libspdm_release_receiver_buffer (spdm_context);
176 3 : return status;
177 : }
178 :
179 5 : libspdm_return_t libspdm_set_key_pair_info(void *spdm_context, const uint32_t *session_id,
180 : uint8_t key_pair_id,
181 : uint8_t operation,
182 : uint16_t desired_key_usage,
183 : uint32_t desired_asym_algo,
184 : uint8_t desired_assoc_cert_slot_mask
185 : )
186 : {
187 : libspdm_context_t *context;
188 : size_t retry;
189 : uint64_t retry_delay_time;
190 : libspdm_return_t status;
191 :
192 5 : context = spdm_context;
193 5 : context->crypto_request = true;
194 5 : retry = context->retry_times;
195 5 : retry_delay_time = context->retry_delay_time;
196 : do {
197 5 : status = libspdm_try_set_key_pair_info(context, session_id, key_pair_id,
198 : operation,
199 : desired_key_usage,
200 : desired_asym_algo,
201 : desired_assoc_cert_slot_mask);
202 5 : if (status != LIBSPDM_STATUS_BUSY_PEER) {
203 5 : return status;
204 : }
205 :
206 0 : libspdm_sleep(retry_delay_time);
207 0 : } while (retry-- != 0);
208 :
209 0 : return status;
210 : }
211 :
212 : #endif /* LIBSPDM_ENABLE_CAPABILITY_SET_KEY_PAIR_INFO_CAP */
|
