Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_responder_lib.h"
8 :
9 : #if LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP
10 :
11 19 : libspdm_return_t libspdm_get_response_endpoint_info(libspdm_context_t *spdm_context,
12 : size_t request_size,
13 : const void *request,
14 : size_t *response_size,
15 : void *response)
16 : {
17 : const spdm_get_endpoint_info_request_t *spdm_request;
18 : size_t spdm_request_size;
19 : spdm_endpoint_info_response_t *spdm_response;
20 : size_t spdm_response_size;
21 : libspdm_return_t status;
22 : size_t signature_size;
23 : uint32_t endpoint_info_size;
24 : uint8_t slot_id;
25 : uint8_t sub_code;
26 : libspdm_session_info_t *session_info;
27 : libspdm_session_state_t session_state;
28 : uint8_t *ptr;
29 : bool result;
30 :
31 19 : spdm_request = request;
32 :
33 : /* -=[Check Parameters Phase]=- */
34 19 : LIBSPDM_ASSERT(spdm_request->header.request_response_code == SPDM_GET_ENDPOINT_INFO);
35 :
36 : /* -=[Verify State Phase]=- */
37 19 : if (libspdm_get_connection_version(spdm_context) < SPDM_MESSAGE_VERSION_13) {
38 1 : return libspdm_generate_error_response(
39 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
40 : SPDM_GET_ENDPOINT_INFO, response_size, response);
41 : }
42 :
43 18 : if (!spdm_context->last_spdm_request_session_id_valid) {
44 17 : session_info = NULL;
45 : } else {
46 1 : session_info = libspdm_get_session_info_via_session_id(
47 : spdm_context,
48 : spdm_context->last_spdm_request_session_id);
49 1 : if (session_info == NULL) {
50 0 : return libspdm_generate_error_response(
51 : spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST,
52 : 0, response_size, response);
53 : }
54 1 : session_state = libspdm_secured_message_get_session_state(
55 : session_info->secured_message_context);
56 1 : if (session_state != LIBSPDM_SESSION_STATE_ESTABLISHED) {
57 0 : return libspdm_generate_error_response(
58 : spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST,
59 : 0, response_size, response);
60 : }
61 : }
62 :
63 18 : if (spdm_context->response_state != LIBSPDM_RESPONSE_STATE_NORMAL) {
64 3 : return libspdm_responder_handle_response_state(
65 : spdm_context,
66 3 : spdm_request->header.request_response_code,
67 : response_size, response);
68 : }
69 15 : if (!libspdm_is_capabilities_flag_supported(
70 : spdm_context, false, 0,
71 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP)) {
72 1 : return libspdm_generate_error_response(
73 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
74 : SPDM_GET_ENDPOINT_INFO, response_size, response);
75 : }
76 :
77 14 : if (spdm_context->connection_info.connection_state <
78 : LIBSPDM_CONNECTION_STATE_NEGOTIATED) {
79 1 : return libspdm_generate_error_response(
80 : spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST,
81 : 0, response_size, response);
82 : }
83 :
84 : /* -=[Validate Request Phase]=- */
85 13 : if (spdm_request->header.spdm_version !=
86 13 : libspdm_get_connection_version(spdm_context)) {
87 1 : return libspdm_generate_error_response(
88 : spdm_context, SPDM_ERROR_CODE_VERSION_MISMATCH,
89 : 0, response_size, response);
90 : }
91 :
92 12 : if (spdm_request->header.param1 !=
93 : SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER) {
94 1 : return libspdm_generate_error_response(
95 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
96 : 0, response_size, response);
97 : }
98 :
99 11 : if ((spdm_request->request_attributes &
100 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
101 10 : if (spdm_context->connection_info.algorithm.base_asym_algo != 0) {
102 10 : signature_size = libspdm_get_asym_signature_size(
103 : spdm_context->connection_info.algorithm.base_asym_algo);
104 : }
105 10 : if (spdm_context->connection_info.algorithm.pqc_asym_algo != 0) {
106 0 : signature_size = libspdm_get_pqc_asym_signature_size(
107 : spdm_context->connection_info.algorithm.pqc_asym_algo);
108 : }
109 10 : if (request_size <
110 : sizeof(spdm_get_endpoint_info_request_t) +
111 : SPDM_NONCE_SIZE) {
112 1 : return libspdm_generate_error_response(
113 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
114 : 0, response_size, response);
115 : }
116 9 : spdm_request_size = sizeof(spdm_get_endpoint_info_request_t) + SPDM_NONCE_SIZE;
117 : } else {
118 1 : if (request_size < sizeof(spdm_get_endpoint_info_request_t)) {
119 0 : return libspdm_generate_error_response(
120 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
121 : 0, response_size, response);
122 : }
123 1 : spdm_request_size = sizeof(spdm_get_endpoint_info_request_t);
124 : }
125 :
126 10 : slot_id = 0;
127 10 : if ((spdm_request->request_attributes &
128 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
129 9 : if (!libspdm_is_capabilities_flag_supported(
130 : spdm_context, false, 0,
131 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_SIG)) {
132 1 : return libspdm_generate_error_response(
133 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
134 : SPDM_GET_ENDPOINT_INFO, response_size, response);
135 : }
136 :
137 8 : slot_id = spdm_request->header.param2 & SPDM_GET_ENDPOINT_INFO_REQUEST_SLOT_ID_MASK;
138 :
139 8 : if ((slot_id != 0xF) && (slot_id >= SPDM_MAX_SLOT_COUNT)) {
140 1 : return libspdm_generate_error_response(
141 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
142 : 0, response_size, response);
143 : }
144 :
145 7 : if (slot_id != 0xF) {
146 5 : if (spdm_context->local_context.local_cert_chain_provision[slot_id] == NULL) {
147 1 : return libspdm_generate_error_response(
148 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
149 : 0, response_size, response);
150 : }
151 : } else {
152 2 : if (spdm_context->local_context.local_public_key_provision == NULL) {
153 1 : return libspdm_generate_error_response(
154 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
155 : 0, response_size, response);
156 : }
157 : }
158 :
159 5 : if (spdm_context->connection_info.multi_key_conn_rsp && slot_id != 0xF) {
160 2 : if ((spdm_context->local_context.local_key_usage_bit_mask[slot_id] &
161 : SPDM_KEY_USAGE_BIT_MASK_ENDPOINT_INFO_USE) == 0) {
162 1 : return libspdm_generate_error_response(
163 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
164 : 0, response_size, response);
165 : }
166 : }
167 : }
168 :
169 : /* -=[Construct Response Phase]=- */
170 : /* response_size should be large enough to hold a ENDPOINT_INFO response without
171 : * EPInfo. */
172 5 : if ((spdm_request->request_attributes &
173 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
174 4 : LIBSPDM_ASSERT(*response_size >= (sizeof(spdm_endpoint_info_response_t) +
175 : SPDM_NONCE_SIZE + sizeof(uint32_t) +
176 : signature_size));
177 4 : spdm_response_size = sizeof(spdm_endpoint_info_response_t) + SPDM_NONCE_SIZE +
178 : sizeof(uint32_t) + signature_size;
179 : } else {
180 1 : LIBSPDM_ASSERT(*response_size >= (sizeof(spdm_endpoint_info_response_t) +
181 : sizeof(uint32_t)));
182 1 : spdm_response_size = sizeof(spdm_endpoint_info_response_t) + sizeof(uint32_t);
183 : }
184 5 : libspdm_zero_mem(response, *response_size);
185 :
186 5 : sub_code = spdm_request->header.param1;
187 5 : spdm_response = response;
188 :
189 5 : libspdm_reset_message_buffer_via_request_code(spdm_context, NULL,
190 5 : spdm_request->header.request_response_code);
191 :
192 5 : spdm_response->header.spdm_version = spdm_request->header.spdm_version;
193 5 : spdm_response->header.request_response_code = SPDM_ENDPOINT_INFO;
194 5 : spdm_response->header.param1 = 0;
195 5 : spdm_response->header.param2 = slot_id;
196 5 : ptr = (uint8_t *)spdm_response + sizeof(spdm_endpoint_info_response_t);
197 :
198 5 : if ((spdm_request->request_attributes &
199 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
200 4 : if (!libspdm_get_random_number(SPDM_NONCE_SIZE, ptr)) {
201 0 : libspdm_reset_message_e(spdm_context, session_info);
202 0 : return libspdm_generate_error_response(
203 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
204 : 0, response_size, response);
205 : }
206 4 : ptr += SPDM_NONCE_SIZE;
207 : }
208 5 : ptr += sizeof(uint32_t);
209 :
210 5 : endpoint_info_size = (uint32_t) (*response_size - spdm_response_size);
211 5 : status = libspdm_generate_device_endpoint_info(
212 5 : spdm_context, sub_code, spdm_request->request_attributes,
213 : &endpoint_info_size, ptr);
214 5 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
215 0 : return libspdm_generate_error_response(
216 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
217 : SPDM_GET_ENDPOINT_INFO, response_size, response);
218 : }
219 5 : libspdm_write_uint32(ptr - sizeof(uint32_t), endpoint_info_size);
220 5 : spdm_response_size += endpoint_info_size;
221 5 : *response_size = spdm_response_size;
222 5 : ptr += endpoint_info_size;
223 :
224 5 : if ((spdm_request->request_attributes &
225 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
226 :
227 4 : status = libspdm_append_message_e(spdm_context, session_info, spdm_request,
228 : spdm_request_size);
229 4 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
230 0 : libspdm_reset_message_e(spdm_context, session_info);
231 0 : return libspdm_generate_error_response(
232 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
233 : 0, response_size, response);
234 : }
235 :
236 4 : status = libspdm_append_message_e(spdm_context, session_info, spdm_response,
237 : spdm_response_size - signature_size);
238 4 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
239 0 : libspdm_reset_message_e(spdm_context, session_info);
240 0 : return libspdm_generate_error_response(
241 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
242 : 0, response_size, response);
243 : }
244 :
245 4 : result = libspdm_generate_endpoint_info_signature(spdm_context, session_info, false, ptr);
246 :
247 4 : if (!result) {
248 0 : libspdm_reset_message_e(spdm_context, session_info);
249 0 : return libspdm_generate_error_response(
250 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
251 : 0, response_size, response);
252 : }
253 : }
254 :
255 5 : libspdm_reset_message_e(spdm_context, session_info);
256 :
257 5 : return LIBSPDM_STATUS_SUCCESS;
258 : }
259 :
260 : #endif /* LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP */
|