Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_responder_lib.h"
8 :
9 : #if LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP
10 :
11 19 : libspdm_return_t libspdm_get_response_endpoint_info(libspdm_context_t *spdm_context,
12 : size_t request_size,
13 : const void *request,
14 : size_t *response_size,
15 : void *response)
16 : {
17 : const spdm_get_endpoint_info_request_t *spdm_request;
18 : size_t spdm_request_size;
19 : spdm_endpoint_info_response_t *spdm_response;
20 : size_t spdm_response_size;
21 : libspdm_return_t status;
22 : size_t signature_size;
23 : uint32_t endpoint_info_size;
24 : uint8_t slot_id;
25 : uint8_t sub_code;
26 : libspdm_session_info_t *session_info;
27 : libspdm_session_state_t session_state;
28 : uint8_t *ptr;
29 : bool result;
30 :
31 19 : spdm_request = request;
32 :
33 : /* -=[Check Parameters Phase]=- */
34 19 : LIBSPDM_ASSERT(spdm_request->header.request_response_code == SPDM_GET_ENDPOINT_INFO);
35 :
36 : /* -=[Verify State Phase]=- */
37 19 : if (libspdm_get_connection_version(spdm_context) < SPDM_MESSAGE_VERSION_13) {
38 1 : return libspdm_generate_error_response(
39 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
40 : SPDM_GET_ENDPOINT_INFO, response_size, response);
41 : }
42 :
43 18 : if (!spdm_context->last_spdm_request_session_id_valid) {
44 17 : session_info = NULL;
45 : } else {
46 1 : session_info = libspdm_get_session_info_via_session_id(
47 : spdm_context,
48 : spdm_context->last_spdm_request_session_id);
49 1 : if (session_info == NULL) {
50 0 : return libspdm_generate_error_response(
51 : spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST,
52 : 0, response_size, response);
53 : }
54 1 : session_state = libspdm_secured_message_get_session_state(
55 : session_info->secured_message_context);
56 1 : if (session_state != LIBSPDM_SESSION_STATE_ESTABLISHED) {
57 0 : return libspdm_generate_error_response(
58 : spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST,
59 : 0, response_size, response);
60 : }
61 : }
62 :
63 18 : if (spdm_context->response_state != LIBSPDM_RESPONSE_STATE_NORMAL) {
64 3 : return libspdm_responder_handle_response_state(
65 : spdm_context,
66 3 : spdm_request->header.request_response_code,
67 : response_size, response);
68 : }
69 15 : if (!libspdm_is_capabilities_flag_supported(
70 : spdm_context, false, 0,
71 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP)) {
72 1 : return libspdm_generate_error_response(
73 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
74 : SPDM_GET_ENDPOINT_INFO, response_size, response);
75 : }
76 :
77 14 : if (spdm_context->connection_info.connection_state <
78 : LIBSPDM_CONNECTION_STATE_NEGOTIATED) {
79 1 : return libspdm_generate_error_response(
80 : spdm_context, SPDM_ERROR_CODE_UNEXPECTED_REQUEST,
81 : 0, response_size, response);
82 : }
83 :
84 : /* -=[Validate Request Phase]=- */
85 13 : if (spdm_request->header.spdm_version !=
86 13 : libspdm_get_connection_version(spdm_context)) {
87 1 : return libspdm_generate_error_response(
88 : spdm_context, SPDM_ERROR_CODE_VERSION_MISMATCH,
89 : 0, response_size, response);
90 : }
91 :
92 12 : if (spdm_request->header.param1 !=
93 : SPDM_GET_ENDPOINT_INFO_REQUEST_SUBCODE_DEVICE_CLASS_IDENTIFIER) {
94 1 : return libspdm_generate_error_response(
95 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
96 : 0, response_size, response);
97 : }
98 :
99 11 : if ((spdm_request->request_attributes &
100 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
101 10 : if (spdm_context->connection_info.algorithm.pqc_asym_algo != 0) {
102 0 : signature_size = libspdm_get_pqc_asym_signature_size(
103 : spdm_context->connection_info.algorithm.pqc_asym_algo);
104 : } else {
105 10 : signature_size = libspdm_get_asym_signature_size(
106 : spdm_context->connection_info.algorithm.base_asym_algo);
107 : }
108 10 : if (request_size <
109 : sizeof(spdm_get_endpoint_info_request_t) +
110 : SPDM_NONCE_SIZE) {
111 1 : return libspdm_generate_error_response(
112 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
113 : 0, response_size, response);
114 : }
115 9 : spdm_request_size = sizeof(spdm_get_endpoint_info_request_t) + SPDM_NONCE_SIZE;
116 : } else {
117 1 : if (request_size < sizeof(spdm_get_endpoint_info_request_t)) {
118 0 : return libspdm_generate_error_response(
119 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
120 : 0, response_size, response);
121 : }
122 1 : spdm_request_size = sizeof(spdm_get_endpoint_info_request_t);
123 : }
124 :
125 10 : slot_id = 0;
126 10 : if ((spdm_request->request_attributes &
127 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
128 9 : if (!libspdm_is_capabilities_flag_supported(
129 : spdm_context, false, 0,
130 : SPDM_GET_CAPABILITIES_REQUEST_FLAGS_EP_INFO_CAP_SIG)) {
131 1 : return libspdm_generate_error_response(
132 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
133 : SPDM_GET_ENDPOINT_INFO, response_size, response);
134 : }
135 :
136 8 : slot_id = spdm_request->header.param2 & SPDM_GET_ENDPOINT_INFO_REQUEST_SLOT_ID_MASK;
137 :
138 8 : if ((slot_id != 0xF) && (slot_id >= SPDM_MAX_SLOT_COUNT)) {
139 1 : return libspdm_generate_error_response(
140 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
141 : 0, response_size, response);
142 : }
143 :
144 7 : if (slot_id != 0xF) {
145 5 : if (spdm_context->local_context.local_cert_chain_provision[slot_id] == NULL) {
146 1 : return libspdm_generate_error_response(
147 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
148 : 0, response_size, response);
149 : }
150 : } else {
151 2 : if (spdm_context->local_context.local_public_key_provision == NULL) {
152 1 : return libspdm_generate_error_response(
153 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
154 : 0, response_size, response);
155 : }
156 : }
157 :
158 5 : if (spdm_context->connection_info.multi_key_conn_rsp && slot_id != 0xF) {
159 2 : if ((spdm_context->local_context.local_key_usage_bit_mask[slot_id] &
160 : SPDM_KEY_USAGE_BIT_MASK_ENDPOINT_INFO_USE) == 0) {
161 1 : return libspdm_generate_error_response(
162 : spdm_context, SPDM_ERROR_CODE_INVALID_REQUEST,
163 : 0, response_size, response);
164 : }
165 : }
166 : }
167 :
168 : /* -=[Construct Response Phase]=- */
169 : /* response_size should be large enough to hold a ENDPOINT_INFO response without
170 : * EPInfo. */
171 5 : if ((spdm_request->request_attributes &
172 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
173 4 : LIBSPDM_ASSERT(*response_size >= (sizeof(spdm_endpoint_info_response_t) +
174 : SPDM_NONCE_SIZE + sizeof(uint32_t) +
175 : signature_size));
176 4 : spdm_response_size = sizeof(spdm_endpoint_info_response_t) + SPDM_NONCE_SIZE +
177 : sizeof(uint32_t) + signature_size;
178 : } else {
179 1 : LIBSPDM_ASSERT(*response_size >= (sizeof(spdm_endpoint_info_response_t) +
180 : sizeof(uint32_t)));
181 1 : spdm_response_size = sizeof(spdm_endpoint_info_response_t) + sizeof(uint32_t);
182 : }
183 5 : libspdm_zero_mem(response, *response_size);
184 :
185 5 : sub_code = spdm_request->header.param1;
186 5 : spdm_response = response;
187 :
188 5 : libspdm_reset_message_buffer_via_request_code(spdm_context, NULL,
189 5 : spdm_request->header.request_response_code);
190 :
191 5 : spdm_response->header.spdm_version = spdm_request->header.spdm_version;
192 5 : spdm_response->header.request_response_code = SPDM_ENDPOINT_INFO;
193 5 : spdm_response->header.param1 = 0;
194 5 : spdm_response->header.param2 = slot_id;
195 5 : ptr = (uint8_t *)spdm_response + sizeof(spdm_endpoint_info_response_t);
196 :
197 5 : if ((spdm_request->request_attributes &
198 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
199 4 : if (!libspdm_get_random_number(SPDM_NONCE_SIZE, ptr)) {
200 0 : libspdm_reset_message_e(spdm_context, session_info);
201 0 : return libspdm_generate_error_response(
202 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
203 : 0, response_size, response);
204 : }
205 4 : ptr += SPDM_NONCE_SIZE;
206 : }
207 5 : ptr += sizeof(uint32_t);
208 :
209 5 : endpoint_info_size = (uint32_t) (*response_size - spdm_response_size);
210 5 : status = libspdm_generate_device_endpoint_info(
211 5 : spdm_context, sub_code, spdm_request->request_attributes,
212 : &endpoint_info_size, ptr);
213 5 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
214 0 : return libspdm_generate_error_response(
215 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
216 : SPDM_GET_ENDPOINT_INFO, response_size, response);
217 : }
218 5 : libspdm_write_uint32(ptr - sizeof(uint32_t), endpoint_info_size);
219 5 : spdm_response_size += endpoint_info_size;
220 5 : *response_size = spdm_response_size;
221 5 : ptr += endpoint_info_size;
222 :
223 5 : if ((spdm_request->request_attributes &
224 : SPDM_GET_ENDPOINT_INFO_REQUEST_ATTRIBUTE_SIGNATURE_REQUESTED) != 0) {
225 :
226 4 : status = libspdm_append_message_e(spdm_context, session_info, spdm_request,
227 : spdm_request_size);
228 4 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
229 0 : libspdm_reset_message_e(spdm_context, session_info);
230 0 : return libspdm_generate_error_response(
231 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
232 : 0, response_size, response);
233 : }
234 :
235 4 : status = libspdm_append_message_e(spdm_context, session_info, spdm_response,
236 : spdm_response_size - signature_size);
237 4 : if (LIBSPDM_STATUS_IS_ERROR(status)) {
238 0 : libspdm_reset_message_e(spdm_context, session_info);
239 0 : return libspdm_generate_error_response(
240 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
241 : 0, response_size, response);
242 : }
243 :
244 4 : result = libspdm_generate_endpoint_info_signature(spdm_context, session_info, false, ptr);
245 :
246 4 : if (!result) {
247 0 : libspdm_reset_message_e(spdm_context, session_info);
248 0 : return libspdm_generate_error_response(
249 : spdm_context, SPDM_ERROR_CODE_UNSPECIFIED,
250 : 0, response_size, response);
251 : }
252 : }
253 :
254 5 : libspdm_reset_message_e(spdm_context, session_info);
255 :
256 5 : return LIBSPDM_STATUS_SUCCESS;
257 : }
258 :
259 : #endif /* LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP */
|
