Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2024 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include <stdarg.h>
8 : #include <stddef.h>
9 : #include <setjmp.h>
10 : #include <stdint.h>
11 : #include <stdlib.h>
12 : #include <stdio.h>
13 : #include <assert.h>
14 : #include <string.h>
15 :
16 : #include <base.h>
17 : #include "library/memlib.h"
18 : #include "spdm_device_secret_lib_internal.h"
19 : #include "internal/libspdm_common_lib.h"
20 :
21 : #define LIBSPDM_CXL_TSP_2ND_SESSION_0_PSK_DATA_STRING "CxlTsp_2ndSess0_Psk"
22 : #define LIBSPDM_CXL_TSP_2ND_SESSION_1_PSK_DATA_STRING "CxlTsp_2ndSess1_Psk"
23 : #define LIBSPDM_CXL_TSP_2ND_SESSION_2_PSK_DATA_STRING "CxlTsp_2ndSess2_Psk"
24 : #define LIBSPDM_CXL_TSP_2ND_SESSION_3_PSK_DATA_STRING "CxlTsp_2ndSess3_Psk"
25 :
26 : #if LIBSPDM_ENABLE_CAPABILITY_PSK_CAP
27 :
28 : uint8_t m_libspdm_my_zero_filled_buffer[LIBSPDM_MAX_HASH_SIZE];
29 : uint8_t m_libspdm_my_salt0[LIBSPDM_MAX_HASH_SIZE];
30 : uint8_t m_libspdm_bin_str0[0x11] = {
31 : 0x00, 0x00, /* length - to be filled*/
32 : /* SPDM_VERSION_1_1_BIN_CONCAT_LABEL */
33 : 0x73, 0x70, 0x64, 0x6d, 0x31, 0x2e, 0x31, 0x20,
34 : /* SPDM_BIN_STR_0_LABEL */
35 : 0x64, 0x65, 0x72, 0x69, 0x76, 0x65, 0x64,
36 : };
37 :
38 : uint8_t m_cxl_tsp_2nd_session_psk[CXL_TSP_2ND_SESSION_COUNT][CXL_TSP_2ND_SESSION_KEY_SIZE] = {
39 : LIBSPDM_CXL_TSP_2ND_SESSION_0_PSK_DATA_STRING,
40 : LIBSPDM_CXL_TSP_2ND_SESSION_1_PSK_DATA_STRING,
41 : LIBSPDM_CXL_TSP_2ND_SESSION_2_PSK_DATA_STRING,
42 : LIBSPDM_CXL_TSP_2ND_SESSION_3_PSK_DATA_STRING,
43 : };
44 :
45 : uint8_t m_cxl_tsp_current_psk_session_index = 0xFF;
46 :
47 71 : bool libspdm_psk_handshake_secret_hkdf_expand(
48 : spdm_version_number_t spdm_version,
49 : uint32_t base_hash_algo,
50 : const uint8_t *psk_hint,
51 : size_t psk_hint_size,
52 : const uint8_t *info,
53 : size_t info_size,
54 : uint8_t *out, size_t out_size)
55 : {
56 : void *psk;
57 : size_t psk_size;
58 : size_t hash_size;
59 : bool result;
60 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
61 :
62 71 : if ((spdm_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) >= SPDM_MESSAGE_VERSION_13) {
63 0 : libspdm_set_mem(m_libspdm_my_salt0, sizeof(m_libspdm_my_salt0), 0xff);
64 : }
65 :
66 71 : if (psk_hint_size == 0) {
67 4 : psk = LIBSPDM_TEST_PSK_DATA_STRING;
68 4 : psk_size = sizeof(LIBSPDM_TEST_PSK_DATA_STRING);
69 4 : m_cxl_tsp_current_psk_session_index = 0xFF;
70 67 : } else if ((strcmp((const char *)psk_hint, LIBSPDM_TEST_PSK_HINT_STRING) == 0) &&
71 : (psk_hint_size == sizeof(LIBSPDM_TEST_PSK_HINT_STRING))) {
72 67 : psk = LIBSPDM_TEST_PSK_DATA_STRING;
73 67 : psk_size = sizeof(LIBSPDM_TEST_PSK_DATA_STRING);
74 67 : m_cxl_tsp_current_psk_session_index = 0xFF;
75 0 : } else if ((strcmp((const char *)psk_hint, CXL_TSP_2ND_SESSION_0_PSK_HINT_STRING) == 0) &&
76 : (psk_hint_size == sizeof(CXL_TSP_2ND_SESSION_0_PSK_HINT_STRING))) {
77 0 : psk = m_cxl_tsp_2nd_session_psk[0];
78 0 : psk_size = sizeof(m_cxl_tsp_2nd_session_psk[0]);
79 0 : m_cxl_tsp_current_psk_session_index = 0;
80 0 : } else if ((strcmp((const char *)psk_hint, CXL_TSP_2ND_SESSION_1_PSK_HINT_STRING) == 0) &&
81 : (psk_hint_size == sizeof(CXL_TSP_2ND_SESSION_1_PSK_HINT_STRING))) {
82 0 : psk = m_cxl_tsp_2nd_session_psk[1];
83 0 : psk_size = sizeof(m_cxl_tsp_2nd_session_psk[1]);
84 0 : m_cxl_tsp_current_psk_session_index = 1;
85 0 : } else if ((strcmp((const char *)psk_hint, CXL_TSP_2ND_SESSION_2_PSK_HINT_STRING) == 0) &&
86 : (psk_hint_size == sizeof(CXL_TSP_2ND_SESSION_2_PSK_HINT_STRING))) {
87 0 : psk = m_cxl_tsp_2nd_session_psk[2];
88 0 : psk_size = sizeof(m_cxl_tsp_2nd_session_psk[2]);
89 0 : m_cxl_tsp_current_psk_session_index = 2;
90 0 : } else if ((strcmp((const char *)psk_hint, CXL_TSP_2ND_SESSION_3_PSK_HINT_STRING) == 0) &&
91 : (psk_hint_size == sizeof(CXL_TSP_2ND_SESSION_3_PSK_HINT_STRING))) {
92 0 : psk = m_cxl_tsp_2nd_session_psk[3];
93 0 : psk_size = sizeof(m_cxl_tsp_2nd_session_psk[3]);
94 0 : m_cxl_tsp_current_psk_session_index = 3;
95 : } else {
96 0 : return false;
97 : }
98 71 : printf("[PSK]: ");
99 71 : libspdm_dump_hex_str(psk, psk_size);
100 71 : printf("\n");
101 :
102 71 : hash_size = libspdm_get_hash_size(base_hash_algo);
103 :
104 71 : result = libspdm_hkdf_extract(base_hash_algo, psk, psk_size, m_libspdm_my_salt0,
105 : hash_size, handshake_secret, hash_size);
106 71 : if (!result) {
107 0 : return result;
108 : }
109 :
110 71 : result = libspdm_hkdf_expand(base_hash_algo, handshake_secret, hash_size,
111 : info, info_size, out, out_size);
112 71 : libspdm_zero_mem(handshake_secret, hash_size);
113 :
114 71 : return result;
115 : }
116 :
117 33 : bool libspdm_psk_master_secret_hkdf_expand(
118 : spdm_version_number_t spdm_version,
119 : uint32_t base_hash_algo,
120 : const uint8_t *psk_hint,
121 : size_t psk_hint_size,
122 : const uint8_t *info,
123 : size_t info_size, uint8_t *out,
124 : size_t out_size)
125 : {
126 : void *psk;
127 : size_t psk_size;
128 : size_t hash_size;
129 : bool result;
130 : uint8_t handshake_secret[LIBSPDM_MAX_HASH_SIZE];
131 : uint8_t salt1[LIBSPDM_MAX_HASH_SIZE];
132 : uint8_t master_secret[LIBSPDM_MAX_HASH_SIZE];
133 :
134 33 : if (psk_hint_size == 0) {
135 0 : psk = LIBSPDM_TEST_PSK_DATA_STRING;
136 0 : psk_size = sizeof(LIBSPDM_TEST_PSK_DATA_STRING);
137 0 : m_cxl_tsp_current_psk_session_index = 0xFF;
138 33 : } else if ((strcmp((const char *)psk_hint, LIBSPDM_TEST_PSK_HINT_STRING) == 0) &&
139 : (psk_hint_size == sizeof(LIBSPDM_TEST_PSK_HINT_STRING))) {
140 33 : psk = LIBSPDM_TEST_PSK_DATA_STRING;
141 33 : psk_size = sizeof(LIBSPDM_TEST_PSK_DATA_STRING);
142 33 : m_cxl_tsp_current_psk_session_index = 0xFF;
143 0 : } else if ((strcmp((const char *)psk_hint, CXL_TSP_2ND_SESSION_0_PSK_HINT_STRING) == 0) &&
144 : (psk_hint_size == sizeof(CXL_TSP_2ND_SESSION_0_PSK_HINT_STRING))) {
145 0 : psk = m_cxl_tsp_2nd_session_psk[0];
146 0 : psk_size = sizeof(m_cxl_tsp_2nd_session_psk[0]);
147 0 : m_cxl_tsp_current_psk_session_index = 0;
148 0 : } else if ((strcmp((const char *)psk_hint, CXL_TSP_2ND_SESSION_1_PSK_HINT_STRING) == 0) &&
149 : (psk_hint_size == sizeof(CXL_TSP_2ND_SESSION_1_PSK_HINT_STRING))) {
150 0 : psk = m_cxl_tsp_2nd_session_psk[1];
151 0 : psk_size = sizeof(m_cxl_tsp_2nd_session_psk[1]);
152 0 : m_cxl_tsp_current_psk_session_index = 1;
153 0 : } else if ((strcmp((const char *)psk_hint, CXL_TSP_2ND_SESSION_2_PSK_HINT_STRING) == 0) &&
154 : (psk_hint_size == sizeof(CXL_TSP_2ND_SESSION_2_PSK_HINT_STRING))) {
155 0 : psk = m_cxl_tsp_2nd_session_psk[2];
156 0 : psk_size = sizeof(m_cxl_tsp_2nd_session_psk[2]);
157 0 : m_cxl_tsp_current_psk_session_index = 2;
158 0 : } else if ((strcmp((const char *)psk_hint, CXL_TSP_2ND_SESSION_3_PSK_HINT_STRING) == 0) &&
159 : (psk_hint_size == sizeof(CXL_TSP_2ND_SESSION_3_PSK_HINT_STRING))) {
160 0 : psk = m_cxl_tsp_2nd_session_psk[3];
161 0 : psk_size = sizeof(m_cxl_tsp_2nd_session_psk[3]);
162 0 : m_cxl_tsp_current_psk_session_index = 3;
163 : } else {
164 0 : return false;
165 : }
166 :
167 33 : hash_size = libspdm_get_hash_size(base_hash_algo);
168 :
169 33 : result = libspdm_hkdf_extract(base_hash_algo, psk, psk_size, m_libspdm_my_salt0,
170 : hash_size, handshake_secret, hash_size);
171 33 : if (!result) {
172 0 : return result;
173 : }
174 :
175 33 : *(uint16_t *)m_libspdm_bin_str0 = (uint16_t)hash_size;
176 : /* patch the version*/
177 33 : m_libspdm_bin_str0[6] = (char)('0' + ((spdm_version >> 12) & 0xF));
178 33 : m_libspdm_bin_str0[8] = (char)('0' + ((spdm_version >> 8) & 0xF));
179 33 : result = libspdm_hkdf_expand(base_hash_algo, handshake_secret, hash_size,
180 : m_libspdm_bin_str0, sizeof(m_libspdm_bin_str0), salt1,
181 : hash_size);
182 33 : libspdm_zero_mem(handshake_secret, hash_size);
183 33 : if (!result) {
184 0 : return result;
185 : }
186 :
187 33 : result = libspdm_hkdf_extract(base_hash_algo, m_libspdm_my_zero_filled_buffer,
188 : hash_size, salt1, hash_size, master_secret, hash_size);
189 33 : libspdm_zero_mem(salt1, hash_size);
190 33 : if (!result) {
191 0 : return result;
192 : }
193 :
194 33 : result = libspdm_hkdf_expand(base_hash_algo, master_secret, hash_size,
195 : info, info_size, out, out_size);
196 33 : libspdm_zero_mem(master_secret, hash_size);
197 :
198 33 : return result;
199 : }
200 : #endif /* LIBSPDM_ENABLE_CAPABILITY_PSK_CAP */
|
