Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2024 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_responder_lib.h"
8 :
9 : #if LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP
10 :
11 4 : libspdm_return_t libspdm_get_response_key_pair_info(libspdm_context_t *spdm_context,
12 : size_t request_size, const void *request,
13 : size_t *response_size, void *response)
14 : {
15 : const spdm_get_key_pair_info_request_t *spdm_request;
16 : spdm_key_pair_info_response_t *spdm_response;
17 :
18 : libspdm_session_info_t *session_info;
19 : libspdm_session_state_t session_state;
20 :
21 : uint8_t total_key_pairs;
22 : uint16_t capabilities;
23 : uint16_t key_usage_capabilities;
24 : uint16_t current_key_usage;
25 : uint32_t asym_algo_capabilities;
26 : uint32_t current_asym_algo;
27 : uint16_t public_key_info_len;
28 : uint8_t assoc_cert_slot_mask;
29 : uint8_t key_pair_id;
30 : bool result;
31 : uint8_t *public_key_info;
32 :
33 4 : spdm_request = request;
34 :
35 : /* -=[Check Parameters Phase]=- */
36 4 : LIBSPDM_ASSERT(spdm_request->header.request_response_code == SPDM_GET_KEY_PAIR_INFO);
37 :
38 4 : if (libspdm_get_connection_version(spdm_context) < SPDM_MESSAGE_VERSION_13) {
39 0 : return libspdm_generate_error_response(spdm_context,
40 : SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
41 : SPDM_GET_KEY_PAIR_INFO,
42 : response_size, response);
43 : }
44 :
45 4 : if (spdm_request->header.spdm_version != libspdm_get_connection_version(spdm_context)) {
46 0 : return libspdm_generate_error_response(spdm_context,
47 : SPDM_ERROR_CODE_VERSION_MISMATCH, 0,
48 : response_size, response);
49 : }
50 :
51 4 : if (spdm_context->response_state != LIBSPDM_RESPONSE_STATE_NORMAL) {
52 0 : return libspdm_responder_handle_response_state(spdm_context,
53 0 : spdm_request->header.request_response_code,
54 : response_size, response);
55 : }
56 :
57 4 : if (request_size < sizeof(spdm_get_key_pair_info_request_t)) {
58 0 : return libspdm_generate_error_response(spdm_context,
59 : SPDM_ERROR_CODE_INVALID_REQUEST, 0,
60 : response_size, response);
61 : }
62 :
63 4 : if (spdm_context->connection_info.connection_state <
64 : LIBSPDM_CONNECTION_STATE_NEGOTIATED) {
65 0 : return libspdm_generate_error_response(
66 : spdm_context,
67 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST, 0,
68 : response_size, response);
69 : }
70 :
71 4 : if (spdm_context->last_spdm_request_session_id_valid) {
72 0 : session_info = libspdm_get_session_info_via_session_id(
73 : spdm_context,
74 : spdm_context->last_spdm_request_session_id);
75 0 : if (session_info == NULL) {
76 0 : return libspdm_generate_error_response(
77 : spdm_context,
78 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST, 0,
79 : response_size, response);
80 : }
81 0 : session_state = libspdm_secured_message_get_session_state(
82 : session_info->secured_message_context);
83 0 : if (session_state != LIBSPDM_SESSION_STATE_ESTABLISHED) {
84 0 : return libspdm_generate_error_response(
85 : spdm_context,
86 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST, 0,
87 : response_size, response);
88 : }
89 : }
90 :
91 4 : if (!libspdm_is_capabilities_flag_supported(
92 : spdm_context, false, 0,
93 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_GET_KEY_PAIR_INFO_CAP)) {
94 1 : return libspdm_generate_error_response(
95 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
96 : SPDM_GET_KEY_PAIR_INFO, response_size, response);
97 : }
98 :
99 3 : total_key_pairs = spdm_context->local_context.total_key_pairs;
100 3 : key_pair_id = spdm_request->key_pair_id;
101 3 : if ((key_pair_id == 0) || (key_pair_id > total_key_pairs)) {
102 2 : return libspdm_generate_error_response(spdm_context,
103 : SPDM_ERROR_CODE_INVALID_REQUEST, 0,
104 : response_size, response);
105 : }
106 :
107 1 : LIBSPDM_ASSERT(*response_size >= sizeof(spdm_key_pair_info_response_t));
108 1 : public_key_info_len = (uint16_t)(*response_size - sizeof(spdm_key_pair_info_response_t));
109 1 : libspdm_zero_mem(response, *response_size);
110 :
111 1 : public_key_info = (uint8_t*)response + sizeof(spdm_key_pair_info_response_t);
112 1 : result = libspdm_read_key_pair_info(
113 : spdm_context,
114 : key_pair_id,
115 : &capabilities,
116 : &key_usage_capabilities,
117 : ¤t_key_usage,
118 : &asym_algo_capabilities,
119 : ¤t_asym_algo,
120 : &assoc_cert_slot_mask,
121 : &public_key_info_len,
122 : public_key_info);
123 1 : if (!result) {
124 0 : return libspdm_generate_error_response(spdm_context,
125 : SPDM_ERROR_CODE_INVALID_REQUEST, 0,
126 : response_size, response);
127 : }
128 :
129 : /*If responder doesn't support SET_KEY_PAIR_INFO_CAP,the capabilities should be 0*/
130 1 : if (!libspdm_is_capabilities_flag_supported(
131 : spdm_context, false, 0,
132 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP)) {
133 1 : capabilities = 0;
134 : }
135 :
136 1 : spdm_response = response;
137 1 : *response_size = sizeof(spdm_key_pair_info_response_t) + public_key_info_len;
138 :
139 1 : spdm_response->header.spdm_version = spdm_request->header.spdm_version;
140 1 : spdm_response->header.request_response_code = SPDM_KEY_PAIR_INFO;
141 1 : spdm_response->header.param1 = 0;
142 1 : spdm_response->header.param2 = 0;
143 1 : spdm_response->total_key_pairs = total_key_pairs;
144 1 : spdm_response->key_pair_id = key_pair_id;
145 1 : spdm_response->capabilities = capabilities & SPDM_KEY_PAIR_CAP_MASK;
146 1 : spdm_response->key_usage_capabilities = key_usage_capabilities & SPDM_KEY_USAGE_BIT_MASK;
147 1 : spdm_response->current_key_usage = current_key_usage & SPDM_KEY_USAGE_BIT_MASK;
148 1 : spdm_response->asym_algo_capabilities = asym_algo_capabilities &
149 : SPDM_KEY_PAIR_ASYM_ALGO_CAP_MASK;
150 1 : spdm_response->current_asym_algo = current_asym_algo & SPDM_KEY_PAIR_ASYM_ALGO_CAP_MASK;
151 1 : spdm_response->public_key_info_len = public_key_info_len;
152 1 : spdm_response->assoc_cert_slot_mask = assoc_cert_slot_mask;
153 :
154 1 : return LIBSPDM_STATUS_SUCCESS;
155 : }
156 :
157 : #endif /*LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP*/
|
