Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_responder_lib.h"
8 :
9 : #if LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP
10 :
11 19 : libspdm_return_t libspdm_get_response_endpoint_info(libspdm_context_t *spdm_context,
12 : size_t request_size,
13 : const void *request,
14 : size_t *response_size,
15 : void *response)
16 : {
17 : const spdm_get_endpoint_info_request_t *spdm_request;
18 : size_t spdm_request_size;
19 : spdm_endpoint_info_response_t *spdm_response;
20 : size_t spdm_response_size;
21 : libspdm_return_t status;
22 : size_t signature_size;
23 : uint32_t endpoint_info_size;
24 : uint8_t slot_id;
25 : uint8_t sub_code;
26 : libspdm_session_info_t *session_info;
27 : libspdm_session_state_t session_state;
28 : uint8_t *ptr;
29 : bool result;
30 :
31 19 : spdm_request = request;
32 :
33 : /* -=[Check Parameters Phase]=- */
34 19 : LIBSPDM_ASSERT(spdm_request->header.request_response_code == SPDM_GET_ENDPOINT_INFO);
35 :
36 : /* -=[Verify State Phase]=- */
37 19 : if (libspdm_get_connection_version(spdm_context) < SPDM_MESSAGE_VERSION_13) {
38 1 : return libspdm_generate_error_response(
39 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
40 : SPDM_GET_ENDPOINT_INFO, response_size, response);
41 : }
42 :
43 18 : if (!spdm_context->last_spdm_request_session_id_valid) {
44 17 : session_info = NULL;
45 : } else {
46 1 : session_info = libspdm_get_session_info_via_session_id(
47 : spdm_context,
48 : spdm_context->last_spdm_request_session_id);
49 1 : if (session_info == NULL) {
50 0 : return libspdm_generate_error_response(
51 : spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST,
52 : 0, response_size, response);
53 : }
54 1 : session_state = libspdm_secured_message_get_session_state(
55 : session_info->secured_message_context);
56 1 : if (session_state != LIBSPDM_SESSION_STATE_ESTABLISHED) {
57 0 : return libspdm_generate_error_response(
58 : spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST,
59 : 0, response_size, response);
60 : }
61 : }
62 :
63 18 : if (spdm_context->response_state != LIBSPDM_RESPONSE_STATE_NORMAL) {
64 3 : return libspdm_responder_handle_response_state(
65 : spdm_context,
66 3 : spdm_request->header.request_response_code,
67 : response_size, response);
68 : }
69 15 : if (!libspdm_is_capabilities_flag_supported(
70 : spdm_context, false, 0,
71 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP)) {
72 1 : return libspdm_generate_error_response(
73 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
74 : SPDM_GET_ENDPOINT_INFO, response_size, response);
75 : }
76 :
77 14 : if (spdm_context->connection_info.connection_state <
78 : LIBSPDM_CONNECTION_STATE_NEGOTIATED) {
79 1 : return libspdm_generate_error_response(
80 : spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST,
81 : 0, response_size, response);
82 : }
83 :
84 : /* -=[Validate Request Phase]=- */
85 13 : if (spdm_request->header.spdm_version !=
86 13 : libspdm_get_connection_version(spdm_context)) {
87 1 : return libspdm_generate_error_response(
88 : spdm_context, SPDM_ERROR_CODE_VERSION_MISMATCH,
89 : 0, response_size, response);
90 : }
91 :
92 12 : if (spdm_request->header.param1 !=
93 : SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER) {
94 1 : return libspdm_generate_error_response(
95 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
96 : 0, response_size, response);
97 : }
98 :
99 11 : if ((spdm_request->request_attributes &
100 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
101 10 : signature_size = libspdm_get_asym_signature_size(
102 : spdm_context->connection_info.algorithm.base_asym_algo);
103 10 : if (request_size <
104 : sizeof(spdm_get_endpoint_info_request_t) +
105 : SPDM_NONCE_SIZE) {
106 1 : return libspdm_generate_error_response(
107 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
108 : 0, response_size, response);
109 : }
110 9 : spdm_request_size = sizeof(spdm_get_endpoint_info_request_t) + SPDM_NONCE_SIZE;
111 : } else {
112 1 : if (request_size < sizeof(spdm_get_endpoint_info_request_t)) {
113 0 : return libspdm_generate_error_response(
114 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
115 : 0, response_size, response);
116 : }
117 1 : spdm_request_size = sizeof(spdm_get_endpoint_info_request_t);
118 : }
119 :
120 10 : slot_id = 0;
121 10 : if ((spdm_request->request_attributes &
122 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
123 9 : if (!libspdm_is_capabilities_flag_supported(
124 : spdm_context, false, 0,
125 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_SIG)) {
126 1 : return libspdm_generate_error_response(
127 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
128 : SPDM_GET_ENDPOINT_INFO, response_size, response);
129 : }
130 :
131 8 : slot_id = spdm_request->header.param2 & SPDM_GET_ENDPOINT_INFO_REQUEST_SLOT_ID_MASK;
132 :
133 8 : if ((slot_id != 0xF) && (slot_id >= SPDM_MAX_SLOT_COUNT)) {
134 1 : return libspdm_generate_error_response(
135 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
136 : 0, response_size, response);
137 : }
138 :
139 7 : if (slot_id != 0xF) {
140 5 : if (spdm_context->local_context.local_cert_chain_provision[slot_id] == NULL) {
141 1 : return libspdm_generate_error_response(
142 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
143 : 0, response_size, response);
144 : }
145 : } else {
146 2 : if (spdm_context->local_context.local_public_key_provision == NULL) {
147 1 : return libspdm_generate_error_response(
148 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
149 : 0, response_size, response);
150 : }
151 : }
152 :
153 5 : if (spdm_context->connection_info.multi_key_conn_rsp && slot_id != 0xF) {
154 2 : if ((spdm_context->local_context.local_key_usage_bit_mask[slot_id] &
155 : SPDM_KEY_USAGE_BIT_MASK_ENDPOINT_INFO_USE) == 0) {
156 1 : return libspdm_generate_error_response(
157 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
158 : 0, response_size, response);
159 : }
160 : }
161 : }
162 :
163 : /* -=[Construct Response Phase]=- */
164 : /* response_size should be large enough to hold a ENDPOINT_INFO response without
165 : * EPInfo. */
166 5 : if ((spdm_request->request_attributes &
167 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
168 4 : LIBSPDM_ASSERT(*response_size >= (sizeof(spdm_endpoint_info_response_t) +
169 : SPDM_NONCE_SIZE + sizeof(uint32_t) +
170 : signature_size));
171 4 : spdm_response_size = sizeof(spdm_endpoint_info_response_t) + SPDM_NONCE_SIZE +
172 : sizeof(uint32_t) + signature_size;
173 : } else {
174 1 : LIBSPDM_ASSERT(*response_size >= (sizeof(spdm_endpoint_info_response_t) +
175 : sizeof(uint32_t)));
176 1 : spdm_response_size = sizeof(spdm_endpoint_info_response_t) + sizeof(uint32_t);
177 : }
178 5 : libspdm_zero_mem(response, *response_size);
179 :
180 5 : sub_code = spdm_request->header.param1;
181 5 : spdm_response = response;
182 :
183 5 : libspdm_reset_message_buffer_via_request_code(spdm_context, NULL,
184 5 : spdm_request->header.request_response_code);
185 :
186 5 : spdm_response->header.spdm_version = spdm_request->header.spdm_version;
187 5 : spdm_response->header.request_response_code = SPDM_ENDPOINT_INFO;
188 5 : spdm_response->header.param1 = 0;
189 5 : spdm_response->header.param2 = slot_id;
190 5 : ptr = (uint8_t *)spdm_response + sizeof(spdm_endpoint_info_response_t);
191 :
192 5 : if ((spdm_request->request_attributes &
193 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
194 4 : if(!libspdm_get_random_number(SPDM_NONCE_SIZE, ptr)) {
195 0 : libspdm_reset_message_e(spdm_context, session_info);
196 0 : return libspdm_generate_error_response(
197 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
198 : 0, response_size, response);
199 : }
200 4 : ptr += SPDM_NONCE_SIZE;
201 : }
202 5 : ptr += sizeof(uint32_t);
203 :
204 5 : endpoint_info_size = (uint32_t) (*response_size - spdm_response_size);
205 5 : status = libspdm_generate_device_endpoint_info(
206 5 : spdm_context, sub_code, spdm_request->request_attributes,
207 : &endpoint_info_size, ptr);
208 5 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
209 0 : return libspdm_generate_error_response(
210 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
211 : SPDM_GET_ENDPOINT_INFO, response_size, response);
212 : }
213 5 : libspdm_write_uint32(ptr - sizeof(uint32_t), endpoint_info_size);
214 5 : spdm_response_size += endpoint_info_size;
215 5 : *response_size = spdm_response_size;
216 5 : ptr += endpoint_info_size;
217 :
218 5 : if ((spdm_request->request_attributes &
219 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
220 :
221 4 : status = libspdm_append_message_e(spdm_context, session_info, spdm_request,
222 : spdm_request_size);
223 4 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
224 0 : libspdm_reset_message_e(spdm_context, session_info);
225 0 : return libspdm_generate_error_response(
226 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
227 : 0, response_size, response);
228 : }
229 :
230 4 : status = libspdm_append_message_e(spdm_context, session_info, spdm_response,
231 : spdm_response_size - signature_size);
232 4 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
233 0 : libspdm_reset_message_e(spdm_context, session_info);
234 0 : return libspdm_generate_error_response(
235 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
236 : 0, response_size, response);
237 : }
238 :
239 4 : result = libspdm_generate_endpoint_info_signature(spdm_context, session_info, false, ptr);
240 :
241 4 : if (!result) {
242 0 : libspdm_reset_message_e(spdm_context, session_info);
243 0 : return libspdm_generate_error_response(
244 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
245 : 0, response_size, response);
246 : }
247 : }
248 :
249 5 : libspdm_reset_message_e(spdm_context, session_info);
250 :
251 5 : return LIBSPDM_STATUS_SUCCESS;
252 : }
253 :
254 : #endif /* LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP */
|
