Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2024-2025 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include "internal/libspdm_responder_lib.h"
8 :
9 : #if LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP
10 :
11 4 : libspdm_return_t libspdm_get_response_key_pair_info(libspdm_context_t *spdm_context,
12 : size_t request_size, const void *request,
13 : size_t *response_size, void *response)
14 : {
15 : const spdm_get_key_pair_info_request_t *spdm_request;
16 : spdm_key_pair_info_response_t *spdm_response;
17 :
18 : libspdm_session_info_t *session_info;
19 : libspdm_session_state_t session_state;
20 :
21 : uint8_t total_key_pairs;
22 : uint16_t capabilities;
23 : uint16_t key_usage_capabilities;
24 : uint16_t current_key_usage;
25 : uint32_t asym_algo_capabilities;
26 : uint32_t current_asym_algo;
27 : uint32_t pqc_asym_algo_capabilities;
28 : uint32_t current_pqc_asym_algo;
29 : uint8_t pqc_asym_algo_cap_len;
30 : uint8_t current_pqc_asym_algo_len;
31 : uint16_t public_key_info_len;
32 : uint8_t assoc_cert_slot_mask;
33 : uint8_t key_pair_id;
34 : bool result;
35 : uint8_t *public_key_info;
36 : uint8_t *ptr;
37 :
38 4 : spdm_request = request;
39 :
40 : /* -=[Check Parameters Phase]=- */
41 4 : LIBSPDM_ASSERT(spdm_request->header.request_response_code == SPDM_GET_KEY_PAIR_INFO);
42 :
43 4 : if (libspdm_get_connection_version(spdm_context) < SPDM_MESSAGE_VERSION_13) {
44 0 : return libspdm_generate_error_response(spdm_context,
45 : SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
46 : SPDM_GET_KEY_PAIR_INFO,
47 : response_size, response);
48 : }
49 :
50 4 : if (spdm_request->header.spdm_version != libspdm_get_connection_version(spdm_context)) {
51 0 : return libspdm_generate_error_response(spdm_context,
52 : SPDM_ERROR_CODE_VERSION_MISMATCH, 0,
53 : response_size, response);
54 : }
55 :
56 4 : if (spdm_context->response_state != LIBSPDM_RESPONSE_STATE_NORMAL) {
57 0 : return libspdm_responder_handle_response_state(spdm_context,
58 0 : spdm_request->header.request_response_code,
59 : response_size, response);
60 : }
61 :
62 4 : if (request_size < sizeof(spdm_get_key_pair_info_request_t)) {
63 0 : return libspdm_generate_error_response(spdm_context,
64 : SPDM_ERROR_CODE_INVALID_REQUEST, 0,
65 : response_size, response);
66 : }
67 :
68 4 : if (spdm_context->connection_info.connection_state <
69 : LIBSPDM_CONNECTION_STATE_NEGOTIATED) {
70 0 : return libspdm_generate_error_response(
71 : spdm_context,
72 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST, 0,
73 : response_size, response);
74 : }
75 :
76 4 : if (spdm_context->last_spdm_request_session_id_valid) {
77 0 : session_info = libspdm_get_session_info_via_session_id(
78 : spdm_context,
79 : spdm_context->last_spdm_request_session_id);
80 0 : if (session_info == NULL) {
81 0 : return libspdm_generate_error_response(
82 : spdm_context,
83 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST, 0,
84 : response_size, response);
85 : }
86 0 : session_state = libspdm_secured_message_get_session_state(
87 : session_info->secured_message_context);
88 0 : if (session_state != LIBSPDM_SESSION_STATE_ESTABLISHED) {
89 0 : return libspdm_generate_error_response(
90 : spdm_context,
91 : SPDM_ERROR_CODE_UNEXPECTED_REQUEST, 0,
92 : response_size, response);
93 : }
94 : }
95 :
96 4 : if (!libspdm_is_capabilities_flag_supported(
97 : spdm_context, false, 0,
98 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_GET_KEY_PAIR_INFO_CAP)) {
99 1 : return libspdm_generate_error_response(
100 : spdm_context, SPDM_ERROR_CODE_UNSUPPORTED_REQUEST,
101 : SPDM_GET_KEY_PAIR_INFO, response_size, response);
102 : }
103 :
104 3 : total_key_pairs = spdm_context->local_context.total_key_pairs;
105 3 : key_pair_id = spdm_request->key_pair_id;
106 3 : if ((key_pair_id == 0) || (key_pair_id > total_key_pairs)) {
107 2 : return libspdm_generate_error_response(spdm_context,
108 : SPDM_ERROR_CODE_INVALID_REQUEST, 0,
109 : response_size, response);
110 : }
111 :
112 1 : LIBSPDM_ASSERT(*response_size >= sizeof(spdm_key_pair_info_response_t));
113 1 : public_key_info_len = (uint16_t)(*response_size - sizeof(spdm_key_pair_info_response_t));
114 1 : libspdm_zero_mem(response, *response_size);
115 :
116 1 : public_key_info = (uint8_t*)response + sizeof(spdm_key_pair_info_response_t);
117 1 : result = libspdm_read_key_pair_info(
118 : spdm_context,
119 : key_pair_id,
120 : &capabilities,
121 : &key_usage_capabilities,
122 : ¤t_key_usage,
123 : &asym_algo_capabilities,
124 : ¤t_asym_algo,
125 : &pqc_asym_algo_capabilities,
126 : ¤t_pqc_asym_algo,
127 : &assoc_cert_slot_mask,
128 : &public_key_info_len,
129 : public_key_info);
130 1 : if (!result) {
131 0 : return libspdm_generate_error_response(spdm_context,
132 : SPDM_ERROR_CODE_INVALID_REQUEST, 0,
133 : response_size, response);
134 : }
135 :
136 : /*If responder doesn't support SET_KEY_PAIR_INFO_CAP,the capabilities should be 0*/
137 1 : if (!libspdm_is_capabilities_flag_supported(
138 : spdm_context, false, 0,
139 : SPDM_GET_CAPABILITIES_RESPONSE_FLAGS_SET_KEY_PAIR_INFO_CAP)) {
140 1 : capabilities = 0;
141 : }
142 :
143 1 : spdm_response = response;
144 1 : if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_14) {
145 0 : LIBSPDM_ASSERT(*response_size >= sizeof(spdm_key_pair_info_response_t) + sizeof(uint32_t)*4);
146 0 : *response_size = sizeof(spdm_key_pair_info_response_t) + public_key_info_len + sizeof(uint32_t)*4;
147 : } else {
148 1 : LIBSPDM_ASSERT(*response_size >= sizeof(spdm_key_pair_info_response_t));
149 1 : *response_size = sizeof(spdm_key_pair_info_response_t) + public_key_info_len;
150 : }
151 :
152 1 : spdm_response->header.spdm_version = spdm_request->header.spdm_version;
153 1 : spdm_response->header.request_response_code = SPDM_KEY_PAIR_INFO;
154 1 : spdm_response->header.param1 = 0;
155 1 : spdm_response->header.param2 = 0;
156 1 : spdm_response->total_key_pairs = total_key_pairs;
157 1 : spdm_response->key_pair_id = key_pair_id;
158 1 : spdm_response->capabilities = capabilities & SPDM_KEY_PAIR_CAP_MASK;
159 1 : spdm_response->key_usage_capabilities = key_usage_capabilities & SPDM_KEY_USAGE_BIT_MASK;
160 1 : spdm_response->current_key_usage = current_key_usage & SPDM_KEY_USAGE_BIT_MASK;
161 1 : spdm_response->asym_algo_capabilities = asym_algo_capabilities &
162 : SPDM_KEY_PAIR_ASYM_ALGO_CAP_MASK;
163 1 : spdm_response->current_asym_algo = current_asym_algo & SPDM_KEY_PAIR_ASYM_ALGO_CAP_MASK;
164 1 : spdm_response->public_key_info_len = public_key_info_len;
165 1 : spdm_response->assoc_cert_slot_mask = assoc_cert_slot_mask;
166 :
167 1 : if (spdm_request->header.spdm_version >= SPDM_MESSAGE_VERSION_14) {
168 0 : ptr = (uint8_t *)spdm_response + sizeof(spdm_key_pair_info_response_t) + public_key_info_len;
169 0 : pqc_asym_algo_cap_len = sizeof(pqc_asym_algo_capabilities);
170 0 : current_pqc_asym_algo_len = sizeof(current_pqc_asym_algo);
171 0 : *ptr = pqc_asym_algo_cap_len;
172 0 : ptr += sizeof(uint8_t);
173 0 : libspdm_write_uint32 (ptr, pqc_asym_algo_capabilities);
174 0 : ptr += sizeof(uint32_t);
175 0 : *ptr = current_pqc_asym_algo_len;
176 0 : ptr += sizeof(uint8_t);
177 0 : libspdm_write_uint32 (ptr, current_pqc_asym_algo);
178 0 : ptr += sizeof(uint32_t);
179 : }
180 :
181 1 : return LIBSPDM_STATUS_SUCCESS;
182 : }
183 :
184 : #endif /*LIBSPDM_ENABLE_CAPABILITY_GET_KEY_PAIR_INFO_CAP*/
|
